Analysis

  • max time kernel
    140s
  • max time network
    135s
  • platform
    windows10_x64
  • resource
    win10v200430
  • submitted
    08-07-2020 09:23

General

  • Target

    0638aa9390398bca952897742d28d25646b6b5ba.xlsx

  • Size

    14KB

  • MD5

    154433e5092243f15b75c082a894ccf7

  • SHA1

    0638aa9390398bca952897742d28d25646b6b5ba

  • SHA256

    bab1e3d465b767fb9bd76ea52dee3e3c4af2c4c443d8fe6712f5dfa8ae164084

  • SHA512

    f4953ac9f07c8801996cf99378c1f2d77789429f6b4d4cebddc6eb240d4a12854b1ee238a7e7a16877d86cb868184e4bf648d423e7fef7366825acd2ab855551

Score
1/10

Malware Config

Signatures

  • Checks processor information in registry 2 TTPs 3 IoCs

    Processor information is often read in order to detect sandboxing environments.

  • Enumerates system info in registry 2 TTPs 3 IoCs
  • Suspicious use of SetWindowsHookEx 12 IoCs
  • Suspicious behavior: AddClipboardFormatListener 1 IoCs

Processes

  • C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE
    "C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE" "C:\Users\Admin\AppData\Local\Temp\0638aa9390398bca952897742d28d25646b6b5ba.xlsx"
    • Checks processor information in registry
    • Enumerates system info in registry
    • Suspicious use of SetWindowsHookEx
    • Suspicious behavior: AddClipboardFormatListener
    PID:2564

Network

MITRE ATT&CK Enterprise v6
