Analysis
-
max time kernel
139s -
max time network
149s -
platform
windows10_x64 -
resource
win10v200430 -
submitted
15-07-2020 10:14
General
-
Target
SecuriteInfo.com.Exploit.Siggen2.7821.4619.16363.rtf
-
Size
1.1MB
-
MD5
88dcc5eb0aaa4271c5d90723e44a67ea
-
SHA1
c98690afa202b7c1e5ae48fa943a90a7d0862de1
-
SHA256
fce16de9e4ffabab4f225e7b5aec3b7e91abfd85060aa5fe483464454c7bee63
-
SHA512
38a730fe04c57a7d6ac1fbf5cdaae9bed6a15deb0661958d76fc3f33b3c07894609e05c43465b738454e5407687fd17274f29a06cb041bd2f9580169735531cd
Score
1/10
Malware Config
Signatures
-
Checks processor information in registry 2 TTPs 3 IoCs
Processor information is often read in order to detect sandboxing environments.
-
Enumerates system info in registry 2 TTPs 3 IoCs
-
Suspicious use of SetWindowsHookEx 10 IoCs
-
Suspicious behavior: AddClipboardFormatListener 2 IoCs
Processes
-
C:\Program Files\Microsoft Office\Root\Office16\WINWORD.EXE"C:\Program Files\Microsoft Office\Root\Office16\WINWORD.EXE" /n "C:\Users\Admin\AppData\Local\Temp\SecuriteInfo.com.Exploit.Siggen2.7821.4619.16363.rtf" /o ""1⤵
- Checks processor information in registry
- Enumerates system info in registry
- Suspicious use of SetWindowsHookEx
- Suspicious behavior: AddClipboardFormatListener