Analysis
-
max time kernel
135s -
max time network
131s -
platform
windows10_x64 -
resource
win10 -
submitted
01-08-2020 19:37
General
-
Target
SecuriteInfo.com.Exploit.Siggen2.12178.18639.4466.doc
-
Size
174KB
-
MD5
d9115c6d9e1318028e66ea6d87a71ae1
-
SHA1
0d3822ca70938c790bd191c1b4a18dda93199a28
-
SHA256
daa02c094f479a12e59e5f5bdc4a4dfe14f22d92f78453d27382132b41bab40b
-
SHA512
12e4e493b4e748890018d34bbe42fd933b9ea06b7a1ae07ab96cc59e8754c658e6003fdba47404a8c8892947b5c851d1e650f496e04cc4f12fda3a5e4e57f9ec
Score
1/10
Malware Config
Signatures
-
Suspicious use of SetWindowsHookEx 9 IoCs
-
Suspicious behavior: AddClipboardFormatListener 2 IoCs
-
Checks processor information in registry 2 TTPs 3 IoCs
Processor information is often read in order to detect sandboxing environments.
-
Enumerates system info in registry 2 TTPs 3 IoCs
Processes
-
C:\Program Files\Microsoft Office\Root\Office16\WINWORD.EXE"C:\Program Files\Microsoft Office\Root\Office16\WINWORD.EXE" /n "C:\Users\Admin\AppData\Local\Temp\SecuriteInfo.com.Exploit.Siggen2.12178.18639.4466.doc" /o ""1⤵
- Suspicious use of SetWindowsHookEx
- Suspicious behavior: AddClipboardFormatListener
- Checks processor information in registry
- Enumerates system info in registry