Analysis
-
max time kernel
139s -
max time network
134s -
platform
windows10_x64 -
resource
win10v200430 -
submitted
14/07/2020, 06:44
General
-
Target
ef096dacf716f9b86096118b769142415c22e921ea7be3cb65e146a24bf64636.xls
-
Size
186KB
-
MD5
e0fd5f9ffbc9eba002dbbc16823a3c18
-
SHA1
38903ad45f9611dba7d355432c3847ce8a1d2ae9
-
SHA256
ef096dacf716f9b86096118b769142415c22e921ea7be3cb65e146a24bf64636
-
SHA512
83f240517c10d52d7ce55e53150d82cf235407b2b36900d86c4b57d001f12af32f7523cb38815e3b04edbd627a6b417a0aad93017c504745f54ddbbf63949eb7
Score
1/10
Malware Config
Signatures
-
Enumerates system info in registry 2 TTPs 3 IoCs
-
Suspicious use of SetWindowsHookEx 13 IoCs
-
Suspicious behavior: AddClipboardFormatListener 1 IoCs
-
Checks processor information in registry 2 TTPs 3 IoCs
Processor information is often read in order to detect sandboxing environments.
Processes
-
C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE"C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE" "C:\Users\Admin\AppData\Local\Temp\ef096dacf716f9b86096118b769142415c22e921ea7be3cb65e146a24bf64636.xls"1⤵
- Enumerates system info in registry
- Suspicious use of SetWindowsHookEx
- Suspicious behavior: AddClipboardFormatListener
- Checks processor information in registry