ed352b0327169f41333dcbfb25604cc794cc8c236f176b234aa83adf36a0b1db | Triage

Analysis

max time kernel
110s
max time network
89s
platform
windows7_x64
resource
win7v200217
submitted
02-04-2020 14:58

Sharing

Report Analysis Logs

General

Target

xk5.xls
Size

181KB
MD5

7ff391c915655dd94eced90c495b4cdb
SHA1

1c293d4246954a1edd22a257a99ad8390eecfef9
SHA256

ed352b0327169f41333dcbfb25604cc794cc8c236f176b234aa83adf36a0b1db
SHA512

0ed5901b941f89e114628383f2b3ca1479c4ccfa945d86851f0e43a88bddcd1d334ae9d01cdf392737ebe16db834222c63588ea016d96242ce991ce669c39871

Score

1^/10

Malware Config

Signatures

Suspicious behavior: AddClipboardFormatListener 1 IoCs

Processes:

EXCEL.EXE

pid process

1832 EXCEL.EXE
Suspicious use of SetWindowsHookEx 4 IoCs

Processes:

EXCEL.EXE

pid process

1832 EXCEL.EXE
1832 EXCEL.EXE
1832 EXCEL.EXE
1832 EXCEL.EXE
Suspicious behavior: GetForegroundWindowSpam 1 IoCs

Processes:

EXCEL.EXE

pid process

1832 EXCEL.EXE

C:\Program Files\Microsoft Office\Office14\EXCEL.EXE
"C:\Program Files\Microsoft Office\Office14\EXCEL.EXE" /dde C:\Users\Admin\AppData\Local\Temp\xk5.xls
1⤵
- Suspicious behavior: AddClipboardFormatListener
- Suspicious use of SetWindowsHookEx
- Suspicious behavior: GetForegroundWindowSpam
PID:1832

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...