Resubmissions

07-07-2020 18:04

200707-pj4k6mmdax 1

07-07-2020 18:01

200707-1f8khg5ths 1

Analysis

  • max time kernel
    137s
  • max time network
    132s
  • platform
    windows10_x64
  • resource
    win10v200430
  • submitted
    07-07-2020 18:01

General

  • Target

    4989a6b8805fbd75b9d414c956751e4bea044ca394e36fda46b7dd472d55f28f.xls

  • Size

    189KB

  • MD5

    4fda007a1779631ae14da954cb0b95d4

  • SHA1

    f335a6c4998871b9f7ca20e5e7f41878db0f2b3f

  • SHA256

    4989a6b8805fbd75b9d414c956751e4bea044ca394e36fda46b7dd472d55f28f

  • SHA512

    7d907f5ddc72823e5dea5fbd393ec6002fc1b2bc858cc5017c0984de4c6a504407ce942ed854deff02cec41871cfefb4475337c65b8a4993a9c52364a5d77f46

Score
1/10

Malware Config

Signatures

  • Suspicious use of SetWindowsHookEx 13 IoCs
  • Suspicious behavior: AddClipboardFormatListener 1 IoCs
  • Checks processor information in registry 2 TTPs 3 IoCs

    Processor information is often read in order to detect sandboxing environments.

  • Enumerates system info in registry 2 TTPs 3 IoCs

Processes

  • C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE
    "C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE" "C:\Users\Admin\AppData\Local\Temp\4989a6b8805fbd75b9d414c956751e4bea044ca394e36fda46b7dd472d55f28f.xls"
    1⤵
    • Suspicious use of SetWindowsHookEx
    • Suspicious behavior: AddClipboardFormatListener
    • Checks processor information in registry
    • Enumerates system info in registry
    PID:640

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads