Analysis

  • max time kernel
    140s
  • max time network
    135s
  • platform
    windows10_x64
  • resource
    win10v200430
  • submitted
    08-07-2020 09:24

General

  • Target

    Orderfor july.xlsx

  • Size

    14KB

  • MD5

    d27eeb485092524e4b2080ec1260da80

  • SHA1

    ea9031e9ffdefbcd760ca2dcc8f5c7015e113b51

  • SHA256

    f58398d719869f9ce7478274ee24fe8c714184d37289efc2496c0ba52c64e0ce

  • SHA512

    23f5b1089624c01804a7aec893c6a465f028347be52ff78d0505e38b847e2537a6ccebb65e01a1d9aa45cb4a1fbb60e06d34d182203dfd38169729e169f22a7f

Score
1/10

Malware Config

Signatures

  • Suspicious use of SetWindowsHookEx 12 IoCs
  • Suspicious behavior: AddClipboardFormatListener 1 IoCs
  • Enumerates system info in registry 2 TTPs 3 IoCs
  • Checks processor information in registry 2 TTPs 3 IoCs

    Processor information is often read in order to detect sandboxing environments.

Processes

  • C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE
    "C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE" "C:\Users\Admin\AppData\Local\Temp\Orderfor july.xlsx"
    1⤵
    • Suspicious use of SetWindowsHookEx
    • Suspicious behavior: AddClipboardFormatListener
    • Enumerates system info in registry
    • Checks processor information in registry
    PID:2536

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads