Analysis
-
max time kernel
135s -
max time network
133s -
platform
windows10_x64 -
resource
win10 -
submitted
11-07-2020 07:23
General
-
Target
certificato-07.08.20.doc
-
Size
134KB
-
MD5
0a1f37db056ff83c5161a2604fc0f978
-
SHA1
9ff7afd9002eafe4c409dfaadde932fb5400666f
-
SHA256
340997943546e3a333e84ca3764f721b48218557389534beebe4a2ab13b968d4
-
SHA512
a0c2d9aeb70660964d0bf8c01a25cf3f5c4d1012270663403ad54029b064000b5afdb989f2f3be2f00673f5384fcadd31716dc405dd7f3295523576ce0563217
Score
1/10
Malware Config
Signatures
-
Suspicious use of SetWindowsHookEx 19 IoCs
-
Suspicious behavior: AddClipboardFormatListener 2 IoCs
-
Enumerates system info in registry 2 TTPs 3 IoCs
-
Checks processor information in registry 2 TTPs 3 IoCs
Processor information is often read in order to detect sandboxing environments.
Processes
-
C:\Program Files\Microsoft Office\Root\Office16\WINWORD.EXE"C:\Program Files\Microsoft Office\Root\Office16\WINWORD.EXE" /n "C:\Users\Admin\AppData\Local\Temp\certificato-07.08.20.doc" /o ""1⤵
- Suspicious use of SetWindowsHookEx
- Suspicious behavior: AddClipboardFormatListener
- Enumerates system info in registry
- Checks processor information in registry
Network
MITRE ATT&CK Matrix ATT&CK v6
Replay Monitor
Loading Replay Monitor...
Downloads
-
memory/344-0-0x000001A3AB7B5000-0x000001A3AB7BA000-memory.dmpFilesize
20KB
-
memory/344-1-0x000001A3AB7B5000-0x000001A3AB7BA000-memory.dmpFilesize
20KB
-
memory/344-2-0x000001A3AB821000-0x000001A3AB826000-memory.dmpFilesize
20KB
-
memory/344-3-0x000001A3AB7B4000-0x000001A3AB7B5000-memory.dmpFilesize
4KB
-
memory/344-4-0x000001A3AB7B5000-0x000001A3AB7BA000-memory.dmpFilesize
20KB
-
memory/344-5-0x000001A3AB7B5000-0x000001A3AB7BA000-memory.dmpFilesize
20KB
-
memory/344-6-0x000001A3A1892000-0x000001A3A1897000-memory.dmpFilesize
20KB
-
memory/344-7-0x000001A3AB818000-0x000001A3AB821000-memory.dmpFilesize
36KB