Analysis
-
max time kernel
140s -
max time network
136s -
platform
windows10_x64 -
resource
win10v200430 -
submitted
14/07/2020, 06:43
General
-
Target
33a84d9ab5e59d690dcbd9a1a717717945a4681f9976e54da87c64d7d6f1bb8f.xls
-
Size
194KB
-
MD5
1f5519461b9f7072084de99286f492f5
-
SHA1
980d3920ab413434e15c3a79eb42cc0ad4788cb1
-
SHA256
33a84d9ab5e59d690dcbd9a1a717717945a4681f9976e54da87c64d7d6f1bb8f
-
SHA512
188f3c1d688fa26513793f9da420e27da3d78fd6b60cdba8c74d368f381a5184b528e12533ba1fb599c96c9f593df3f01b268f2a5ae7b27a794ccf0f1e50129f
Score
1/10
Malware Config
Signatures
-
Enumerates system info in registry 2 TTPs 3 IoCs
-
Suspicious use of SetWindowsHookEx 13 IoCs
-
Suspicious behavior: AddClipboardFormatListener 1 IoCs
-
Checks processor information in registry 2 TTPs 3 IoCs
Processor information is often read in order to detect sandboxing environments.
Processes
-
C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE"C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE" "C:\Users\Admin\AppData\Local\Temp\33a84d9ab5e59d690dcbd9a1a717717945a4681f9976e54da87c64d7d6f1bb8f.xls"1⤵
- Enumerates system info in registry
- Suspicious use of SetWindowsHookEx
- Suspicious behavior: AddClipboardFormatListener
- Checks processor information in registry