Overview

overview

8

Static

static

8

e-vote_for...7 .doc

windows7_x64

1

e-vote_for...7 .doc

windows10_x64

1

Analysis

  • max time kernel
    149s
  • max time network
    6s
  • platform
    windows7_x64
  • resource
    win7v200430
  • submitted
    30-06-2020 17:42

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    e-vote_form 490.57.607 .doc

  • Size

    159KB

  • MD5

    2724b111225ce89b723ab445ed056c58

  • SHA1

    d9b04721b2f7b832abc3fb78f3aa969bf1401ef8

  • SHA256

    97911a67667e73c0c1628e2b441dd6f9ced9f142e87665e9c2f23d56c87b919c

  • SHA512

    3b95691fd43a48f504d37b36e3a7c31dfddf09c94f3b45f19e0f7d5d1b53c0442c7a537167950fe741cf0a25cda2b00e9c907da2b1b32caacfcc528c373303b9

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: AddClipboardFormatListener 1 IoCs
  • Suspicious use of SetWindowsHookEx 2 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Office loads VBA resources, possible macro or embedded object present

Processes

  • C:\Program Files\Microsoft Office\Office14\WINWORD.EXE
    "C:\Program Files\Microsoft Office\Office14\WINWORD.EXE" /n "C:\Users\Admin\AppData\Local\Temp\e-vote_form 490.57.607 .doc"
    1⤵
    • Suspicious behavior: AddClipboardFormatListener
    • Suspicious use of SetWindowsHookEx
    • Suspicious behavior: GetForegroundWindowSpam
    PID:1360

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads