Resubmissions

10-07-2020 07:44

200710-lw2wjj8le6 1

10-07-2020 07:38

200710-43qx4b7xkn 1

10-07-2020 07:37

200710-yy5hsvbtj6 1

Analysis

  • max time kernel
    75s
  • max time network
    35s
  • platform
    windows7_x64
  • resource
    win7v200430
  • submitted
    10-07-2020 07:37

General

  • Target

    aa2e16eb340092bab078db3f0d8848606f332a7e052888346b3c47ac37a9de77.doc

  • Size

    132KB

  • MD5

    af25d98ae8d414145376cd8f1a30cc91

  • SHA1

    3564e94e0d449ed7dd5c0013dc11b7efdbd9b13b

  • SHA256

    aa2e16eb340092bab078db3f0d8848606f332a7e052888346b3c47ac37a9de77

  • SHA512

    4e35717e9d242f81244eb4d7809945d6bc36e2655a5a2f8873a062a7be0c2c34e518ad330cf7297306f691a5c4a9215c9162c8e2eed486bb1467a698a5bb0a91

Score
1/10

Malware Config

Signatures

  • Suspicious use of SetWindowsHookEx 16 IoCs
  • Office loads VBA resources, possible macro or embedded object present
  • Suspicious behavior: AddClipboardFormatListener 1 IoCs

Processes

  • C:\Program Files\Microsoft Office\Office14\WINWORD.EXE
    "C:\Program Files\Microsoft Office\Office14\WINWORD.EXE" /n "C:\Users\Admin\AppData\Local\Temp\aa2e16eb340092bab078db3f0d8848606f332a7e052888346b3c47ac37a9de77.doc"
    • Suspicious use of SetWindowsHookEx
    • Suspicious behavior: AddClipboardFormatListener
    PID:1500

Network

MITRE ATT&CK Matrix

Downloads

  • memory/1500-0-0x0000000004791000-0x00000000047F4000-memory.dmp

    Filesize

    396KB