Analysis
-
max time kernel
139s -
max time network
138s -
platform
windows10_x64 -
resource
win10v200430 -
submitted
08/07/2020, 09:00
General
-
Target
httpbiz9holdings.comINVOICEM.xlsx
-
Size
14KB
-
MD5
e46baf854751a3373f7c3e2b29795c4b
-
SHA1
9ab7b5e8212077d63e4e3bba9e11723642ac2d13
-
SHA256
ba3c7a930968407429cc8e33aa79f4033e1cf2d1597973b6d6cd31b9382cef37
-
SHA512
a0401ae1b513ff4ccb314bebc77c682c4543a057609d8a724a6161625565de6687e4c04a1d0062684c5ed02a92cfac95960aef872aee900a07f06d4f8cf8828c
Score
1/10
Malware Config
Signatures
-
Suspicious use of SetWindowsHookEx 12 IoCs
-
Suspicious behavior: AddClipboardFormatListener 1 IoCs
-
Checks processor information in registry 2 TTPs 3 IoCs
Processor information is often read in order to detect sandboxing environments.
-
Enumerates system info in registry 2 TTPs 3 IoCs
Processes
-
C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE"C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE" "C:\Users\Admin\AppData\Local\Temp\httpbiz9holdings.comINVOICEM.xlsx"1⤵
- Suspicious use of SetWindowsHookEx
- Suspicious behavior: AddClipboardFormatListener
- Checks processor information in registry
- Enumerates system info in registry