Analysis
-
max time kernel
138s -
max time network
134s -
platform
windows10_x64 -
resource
win10v200430 -
submitted
09-07-2020 15:37
General
-
Target
SecuriteInfo.com.Trojan.GenericKD.34139809.20191.20380.xls
-
Size
911KB
-
MD5
5d3da35b75a8ebd4ea01e5dfea3cc964
-
SHA1
a96ad70d56e1fb611b6ecc29029b813b9d3948ff
-
SHA256
0e7dcaa2a0b1d03753b49f7fd799a82c9c0ee20b6d1b02496151f53e234ddd91
-
SHA512
6d887b61524f8ceec84268623b9187b98c1ce6ec96ab3650bab587253b3e71e77480e3e39e75e7beb106c847c8ae98e0257613e220d62dfbde0ff9ee62e55c3c
Score
6/10
Malware Config
Signatures
-
Suspicious use of SetWindowsHookEx 12 IoCs
-
Suspicious behavior: AddClipboardFormatListener 1 IoCs
-
Enumerates system info in registry 2 TTPs 3 IoCs
-
Enumerates connected drives 3 TTPs
-
Checks processor information in registry 2 TTPs 3 IoCs
Processor information is often read in order to detect sandboxing environments.
Processes
-
C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE"C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE" "C:\Users\Admin\AppData\Local\Temp\SecuriteInfo.com.Trojan.GenericKD.34139809.20191.20380.xls"1⤵
- Suspicious use of SetWindowsHookEx
- Suspicious behavior: AddClipboardFormatListener
- Enumerates system info in registry
- Checks processor information in registry