Analysis
-
max time kernel
100s -
max time network
67s -
platform
windows7_x64 -
resource
win7 -
submitted
16-07-2020 05:03
Static task
static1
Behavioral task
behavioral1
Sample
2ndchecking.xlsm
Resource
win7
windows7_x64
0 signatures
0 seconds
Behavioral task
behavioral2
Sample
2ndchecking.xlsm
Resource
win10v200430
windows10_x64
0 signatures
0 seconds
General
-
Target
2ndchecking.xlsm
-
Size
340KB
-
MD5
bcdadfdc16bcf022384c4631849e1396
-
SHA1
d8037e4d08b75991123dd881e8d7d90ac236ef5f
-
SHA256
5d1a0f2b5908c1583c889abea48061acb019f21d50f928fb5dd876434255d8d6
-
SHA512
3f474f6b0b84c8f605b155ebfc5d529075babdaef3d2c2daf70027132814627c584e9b6969933f32e4740ff1ec3ba2046af4255477c6de527ad950640942bb8d
Score
1/10
Malware Config
Signatures
-
Suspicious behavior: AddClipboardFormatListener 1 IoCs
pid Process 112 EXCEL.EXE -
Suspicious use of SetWindowsHookEx 4 IoCs
pid Process 112 EXCEL.EXE 112 EXCEL.EXE 112 EXCEL.EXE 112 EXCEL.EXE -
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
pid Process 112 EXCEL.EXE
Processes
-
C:\Program Files\Microsoft Office\Office14\EXCEL.EXE"C:\Program Files\Microsoft Office\Office14\EXCEL.EXE" /dde C:\Users\Admin\AppData\Local\Temp\2ndchecking.xlsm1⤵
- Suspicious behavior: AddClipboardFormatListener
- Suspicious use of SetWindowsHookEx
- Suspicious behavior: GetForegroundWindowSpam
PID:112