Analysis
-
max time kernel
13s -
max time network
14s -
platform
windows10_x64 -
resource
win10 -
submitted
17-07-2020 16:50
General
-
Target
437c60d3c3388318f4bd86615549124c38e1a92e1d80bd89336a6e12322dbea5.doc
-
Size
195KB
-
MD5
491bc486983f1fbed10886198ce49d6e
-
SHA1
45b1e111ae72f40beda19b0bb4edd3b58903df0c
-
SHA256
437c60d3c3388318f4bd86615549124c38e1a92e1d80bd89336a6e12322dbea5
-
SHA512
13ae9ee8e4e9b979088cb8887822cf9edfa31179c26eb36f88219b198cc6bc3cb53b81fd5efcb1f58cff1d05a955add2cf1c3bdbe59597b69c2bd4144af2f0c3
Score
1/10
Malware Config
Signatures
-
Enumerates system info in registry 2 TTPs 3 IoCs
-
Suspicious use of SetWindowsHookEx 10 IoCs
-
Suspicious behavior: AddClipboardFormatListener 2 IoCs
-
Checks processor information in registry 2 TTPs 3 IoCs
Processor information is often read in order to detect sandboxing environments.
Processes
-
C:\Program Files\Microsoft Office\Root\Office16\WINWORD.EXE"C:\Program Files\Microsoft Office\Root\Office16\WINWORD.EXE" /n "C:\Users\Admin\AppData\Local\Temp\437c60d3c3388318f4bd86615549124c38e1a92e1d80bd89336a6e12322dbea5.doc" /o ""1⤵
- Enumerates system info in registry
- Suspicious use of SetWindowsHookEx
- Suspicious behavior: AddClipboardFormatListener
- Checks processor information in registry
Network
MITRE ATT&CK Enterprise v6
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
424KB
-
Filesize
424KB
-
Filesize
424KB
-
Filesize
424KB
-
Filesize
20KB