Analysis
-
max time kernel
142s -
max time network
143s -
platform
windows10_x64 -
resource
win10v200410 -
submitted
15-04-2020 14:53
General
-
Target
5af3bdbe31bf60ddc4bd101f4bee6e843a58450b4d39c8a12ce58135ec4b1b19.xls
-
Size
192KB
-
MD5
bf1efbdca05fab7682b9da5b800c2d4c
-
SHA1
e57949811523eed8ab9321394a537bb909eaa7e7
-
SHA256
5af3bdbe31bf60ddc4bd101f4bee6e843a58450b4d39c8a12ce58135ec4b1b19
-
SHA512
4ba1b206c2085926972d87d044b770394443b129e707c8f396725597b36a9cb4f7be5de7a9026d579331d6af5a3365d74e3cfe1148420010a2625c7681ed8b07
Score
1/10
Malware Config
Signatures
-
Suspicious use of SetWindowsHookEx 12 IoCs
-
Suspicious behavior: AddClipboardFormatListener 1 IoCs
-
Checks processor information in registry 2 TTPs 3 IoCs
Processor information is often read in order to detect sandboxing environments.
-
Enumerates system info in registry 2 TTPs 3 IoCs
Processes
-
C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE"C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE" "C:\Users\Admin\AppData\Local\Temp\5af3bdbe31bf60ddc4bd101f4bee6e843a58450b4d39c8a12ce58135ec4b1b19.xls"1⤵
- Suspicious use of SetWindowsHookEx
- Suspicious behavior: AddClipboardFormatListener
- Checks processor information in registry
- Enumerates system info in registry