Resubmissions

23-09-2020 14:42

200923-46vagsg26s 10

21-09-2020 18:03

200921-d7szzs4t26 10

Analysis

  • max time kernel
    303s
  • max time network
    15s
  • platform
    windows7_x64
  • resource
    win7v200722
  • submitted
    23-09-2020 14:42

General

  • Target

    boq_6_boq.doc

  • Size

    684KB

  • MD5

    4913959946c7c8d9ff682439eb108928

  • SHA1

    2e77f1b7c588d274bd998dc6dda422363cc6f9ba

  • SHA256

    052c9196dfe764f1fbd3850d706d10601235dc266d1151c93d34454a12206c28

  • SHA512

    b74c1b001c628bc762eda6d724b674b8951380d8eb1e94fdfc59852b67e851b8ca670905e565467431c5c8b0282fe5f6c9f4ba8f0ce41840530959c13ce1c595

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: AddClipboardFormatListener 1 IoCs
  • Suspicious use of SetWindowsHookEx 2 IoCs

Processes

  • C:\Program Files\Microsoft Office\Office14\WINWORD.EXE
    "C:\Program Files\Microsoft Office\Office14\WINWORD.EXE" /n "C:\Users\Admin\AppData\Local\Temp\boq_6_boq.doc"
    • Suspicious behavior: AddClipboardFormatListener
    • Suspicious use of SetWindowsHookEx
    PID:1420

Network

MITRE ATT&CK Matrix

Downloads

  • memory/1420-0-0x0000000006720000-0x0000000006724000-memory.dmp
    Filesize

    16KB

  • memory/1420-1-0x0000000007720000-0x00000000077CC000-memory.dmp
    Filesize

    688KB

  • memory/1420-2-0x0000000006720000-0x0000000006724000-memory.dmp
    Filesize

    16KB

  • memory/1420-5-0x0000000006720000-0x0000000006724000-memory.dmp
    Filesize

    16KB