Analysis
-
max time kernel
135s -
max time network
128s -
platform
windows10_x64 -
resource
win10 -
submitted
16/07/2020, 10:33
General
-
Target
18a225d2163d3a22c902f3473909971f48d069713f8d0e3ad326c2564c65d343.xls
-
Size
189KB
-
MD5
419f7df7c66a3b793343a292e8e71d1c
-
SHA1
7574a7180f3278b68a9e041e89b2d40cdfdb9459
-
SHA256
18a225d2163d3a22c902f3473909971f48d069713f8d0e3ad326c2564c65d343
-
SHA512
ccc33f929d910b39ff12ffaa6853b4c4b9785badb02eb7cd0c02460c97349920f42ebf91b765741a37bf17e33b518dcc5ad6b9c4aa339f268d78b831a8dff23d
Score
1/10
Malware Config
Signatures
-
Suspicious use of SetWindowsHookEx 13 IoCs
-
Suspicious behavior: AddClipboardFormatListener 1 IoCs
-
Suspicious use of FindShellTrayWindow 2 IoCs
-
Checks processor information in registry 2 TTPs 3 IoCs
Processor information is often read in order to detect sandboxing environments.
-
Enumerates system info in registry 2 TTPs 3 IoCs
Processes
-
C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE"C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE" "C:\Users\Admin\AppData\Local\Temp\18a225d2163d3a22c902f3473909971f48d069713f8d0e3ad326c2564c65d343.xls"1⤵
- Suspicious use of SetWindowsHookEx
- Suspicious behavior: AddClipboardFormatListener
- Suspicious use of FindShellTrayWindow
- Checks processor information in registry
- Enumerates system info in registry