Analysis
-
max time kernel
138s -
max time network
133s -
platform
windows10_x64 -
resource
win10v200430 -
submitted
16-07-2020 10:34
General
-
Target
bff21b4abca94a64119ffa90606ce1d0757410438d140c132bf8941363707ff8.xls
-
Size
203KB
-
MD5
ec342ada91a0dda503ad94a5ae61a868
-
SHA1
e0847a4ee37e9e7b24975733c7d71c675599e77f
-
SHA256
bff21b4abca94a64119ffa90606ce1d0757410438d140c132bf8941363707ff8
-
SHA512
215e27ad39beeba152b2ca6c79941c4dfcf5d0f62ef1b43324b5e556e70a281a0bd69be89afab1f69e2687871f67e91aade95d04ff8387d2fdb20cb54873c592
Score
1/10
Malware Config
Signatures
-
Suspicious use of SetWindowsHookEx 13 IoCs
-
Suspicious behavior: AddClipboardFormatListener 1 IoCs
-
Checks processor information in registry 2 TTPs 3 IoCs
Processor information is often read in order to detect sandboxing environments.
-
Enumerates system info in registry 2 TTPs 3 IoCs
Processes
-
C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE"C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE" "C:\Users\Admin\AppData\Local\Temp\bff21b4abca94a64119ffa90606ce1d0757410438d140c132bf8941363707ff8.xls"1⤵
- Suspicious use of SetWindowsHookEx
- Suspicious behavior: AddClipboardFormatListener
- Checks processor information in registry
- Enumerates system info in registry