Overview

overview

10

Static

static

caricare,07.20.doc

windows7_x64

10

caricare,07.20.doc

windows10_x64

1

Analysis

  • max time kernel
    135s
  • max time network
    134s
  • platform
    windows10_x64
  • resource
    win10
  • submitted
    11/07/2020, 07:24

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    caricare,07.20.doc

  • Size

    134KB

  • MD5

    8f970304783c8aa3d23f287b4be714eb

  • SHA1

    e0c30b6e95c686c663878e16b067418e4e0ef6c9

  • SHA256

    00ea129930da0a14d84e659de72d16b4edcb9574ab665466e6b931676fe95aed

  • SHA512

    0f58e98169975eca6009b83028ca80defbeb638232aba07da9bf873e04c57c4d780eb5e3e71cdfe8096700a097a398b4cb3733dce8816676f2b24abef13e46b2

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: AddClipboardFormatListener 2 IoCs
  • Checks processor information in registry 2 TTPs 3 IoCs

    Processor information is often read in order to detect sandboxing environments.

  • Enumerates system info in registry 2 TTPs 3 IoCs
  • Suspicious use of SetWindowsHookEx 19 IoCs

Processes

  • C:\Program Files\Microsoft Office\Root\Office16\WINWORD.EXE
    "C:\Program Files\Microsoft Office\Root\Office16\WINWORD.EXE" /n "C:\Users\Admin\AppData\Local\Temp\caricare,07.20.doc" /o ""
    1⤵
    • Suspicious behavior: AddClipboardFormatListener
    • Checks processor information in registry
    • Enumerates system info in registry
    • Suspicious use of SetWindowsHookEx
    PID:2072

Network

        MITRE ATT&CK Enterprise v6

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • memory/2072-0-0x0000018E74587000-0x0000018E7458C000-memory.dmp

          Filesize

          20KB

          Download

        • memory/2072-1-0x0000018E74584000-0x0000018E74587000-memory.dmp

          Filesize

          12KB

          Download

        • memory/2072-2-0x0000018E745DE000-0x0000018E745E4000-memory.dmp

          Filesize

          24KB

          Download

        • memory/2072-3-0x0000018E74587000-0x0000018E7458C000-memory.dmp

          Filesize

          20KB

          Download

        • memory/2072-4-0x0000018E74584000-0x0000018E74587000-memory.dmp

          Filesize

          12KB

          Download

        • memory/2072-5-0x0000018E74587000-0x0000018E7458C000-memory.dmp

          Filesize

          20KB

          Download

        • memory/2072-6-0x0000018E745E4000-0x0000018E745EA000-memory.dmp

          Filesize

          24KB

          Download

        • memory/2072-7-0x0000018E745E4000-0x0000018E745EA000-memory.dmp

          Filesize

          24KB

          Download