Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

raccontare...20.doc

windows7_x64

10

raccontare...20.doc

windows10_x64

1

Analysis

  • max time kernel
    135s
  • max time network
    126s
  • platform
    windows10_x64
  • resource
    win10
  • submitted
    11/07/2020, 07:24

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    raccontare.07.08.2020.doc

  • Size

    134KB

  • MD5

    bcc82032ede3c935fd6e7c1deb1ad072

  • SHA1

    33e69f3c2a77b369421bbd315f5ed2d2e94160a2

  • SHA256

    2b276d5638fef9e9774853b42fe3626c15a13653423c2da87638f725b687696b

  • SHA512

    aa491163724907095ca85bced842f203e70c843f0d1eeb1b10bfd8f81684169297ee92f07de2451f03f1463075ca51795446fcc5faacdc0dd67971edbbc0cb52

Score
1/10

Malware Config

Signatures

  • Suspicious use of SetWindowsHookEx 19 IoCs
  • Suspicious behavior: AddClipboardFormatListener 2 IoCs
  • Checks processor information in registry 2 TTPs 3 IoCs

    Processor information is often read in order to detect sandboxing environments.

  • Enumerates system info in registry 2 TTPs 3 IoCs

Processes

  • C:\Program Files\Microsoft Office\Root\Office16\WINWORD.EXE
    "C:\Program Files\Microsoft Office\Root\Office16\WINWORD.EXE" /n "C:\Users\Admin\AppData\Local\Temp\raccontare.07.08.2020.doc" /o ""
    1⤵
    • Suspicious use of SetWindowsHookEx
    • Suspicious behavior: AddClipboardFormatListener
    • Checks processor information in registry
    • Enumerates system info in registry
    PID:2916

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/2916-0-0x0000025A5AA7B000-0x0000025A5AA7F000-memory.dmp

    Filesize

    16KB

    Download

  • memory/2916-1-0x0000025A5AC10000-0x0000025A5AC15000-memory.dmp

    Filesize

    20KB

    Download

  • memory/2916-2-0x0000025A5AA78000-0x0000025A5AA7B000-memory.dmp

    Filesize

    12KB

    Download

  • memory/2916-3-0x0000025A5AA78000-0x0000025A5AA7B000-memory.dmp

    Filesize

    12KB

    Download

  • memory/2916-4-0x0000025A5AA7B000-0x0000025A5AA7F000-memory.dmp

    Filesize

    16KB

    Download

  • memory/2916-5-0x0000025A5ABA7000-0x0000025A5AC11000-memory.dmp

    Filesize

    424KB

    Download

  • memory/2916-6-0x0000025A5ABA7000-0x0000025A5AC11000-memory.dmp

    Filesize

    424KB

    Download