Analysis
-
max time kernel
137s -
max time network
146s -
platform
windows10_x64 -
resource
win10v200430 -
submitted
09/07/2020, 11:58
General
-
Target
0c7e1d0821c8e7919aed75f079425c77d59020a4a721ed45005c2a07c1f444b8.xls
-
Size
243KB
-
MD5
169e60ab1715df7c1f80d37c17fe36ba
-
SHA1
78817ce44779c8d2ceb814d2580b6cf44e3ad185
-
SHA256
0c7e1d0821c8e7919aed75f079425c77d59020a4a721ed45005c2a07c1f444b8
-
SHA512
69a292dce5a5f84d355694c7aba00844a1305f9b0fa4d882c187ad4771dbbc4739af3477b8a05ce852257741760576595fae38e5c519d62b448ec82fb8617735
Score
1/10
Malware Config
Signatures
-
Suspicious use of SetWindowsHookEx 13 IoCs
-
Suspicious behavior: AddClipboardFormatListener 1 IoCs
-
Enumerates system info in registry 2 TTPs 3 IoCs
-
Checks processor information in registry 2 TTPs 3 IoCs
Processor information is often read in order to detect sandboxing environments.
Processes
-
C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE"C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE" "C:\Users\Admin\AppData\Local\Temp\0c7e1d0821c8e7919aed75f079425c77d59020a4a721ed45005c2a07c1f444b8.xls"1⤵
- Suspicious use of SetWindowsHookEx
- Suspicious behavior: AddClipboardFormatListener
- Enumerates system info in registry
- Checks processor information in registry