Analysis
-
max time kernel
135s -
max time network
132s -
platform
windows10_x64 -
resource
win10 -
submitted
11-07-2020 07:25
General
-
Target
richiedere.07.20.doc
-
Size
134KB
-
MD5
2a3becf45cb2beab4516efe3e2ab2c74
-
SHA1
034531bbf31899b2c44a2887a64b013396cd8e0d
-
SHA256
c4b476186a7d27189e16f2c25a20d47c84da5e08fe7994014cbbad879c53dbfd
-
SHA512
02a843000356e760523fee53320ac93c545d39cd34e9791acbf0759e6d55ec511d4c3d299f4a6b5770b47ba737b691cc5af5b496ed05c517b047c2cf668c5546
Score
1/10
Malware Config
Signatures
-
Suspicious behavior: AddClipboardFormatListener 2 IoCs
-
Checks processor information in registry 2 TTPs 3 IoCs
Processor information is often read in order to detect sandboxing environments.
-
Enumerates system info in registry 2 TTPs 3 IoCs
-
Suspicious use of SetWindowsHookEx 19 IoCs
Processes
-
C:\Program Files\Microsoft Office\Root\Office16\WINWORD.EXE"C:\Program Files\Microsoft Office\Root\Office16\WINWORD.EXE" /n "C:\Users\Admin\AppData\Local\Temp\richiedere.07.20.doc" /o ""1⤵
- Suspicious behavior: AddClipboardFormatListener
- Checks processor information in registry
- Enumerates system info in registry
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Matrix ATT&CK v6
Replay Monitor
Loading Replay Monitor...
Downloads
-
memory/792-0-0x00000151ED046000-0x00000151ED06E000-memory.dmpFilesize
160KB
-
memory/792-1-0x00000151ED06E000-0x00000151ED073000-memory.dmpFilesize
20KB
-
memory/792-2-0x00000151ED0AB000-0x00000151ED0B0000-memory.dmpFilesize
20KB
-
memory/792-3-0x00000151ED06E000-0x00000151ED073000-memory.dmpFilesize
20KB
-
memory/792-4-0x00000151ED0A4000-0x00000151ED0A9000-memory.dmpFilesize
20KB
-
memory/792-5-0x00000151ED0A9000-0x00000151ED0AB000-memory.dmpFilesize
8KB