Analysis
-
max time kernel
98s -
max time network
135s -
platform
windows10_x64 -
resource
win10 -
submitted
20/10/2020, 23:06
Static task
static1
Behavioral task
behavioral1
Sample
doc_pack-684804949.xls
Resource
win7
0 signatures
0 seconds
Behavioral task
behavioral2
Sample
doc_pack-684804949.xls
Resource
win10
0 signatures
0 seconds
General
-
Target
doc_pack-684804949.xls
-
Size
62KB
-
MD5
49c70c45080fd9a58c041218861c9b59
-
SHA1
d265dcfecc7b52ec2f41d3818009a571c9ab0496
-
SHA256
6158f4eacb0c694719f69f42914c5db025889f4a9fb549a0ead23d6935f3c0dd
-
SHA512
dbce792ecc00e007b56f9871dfb85cd2931c35abf716758a2666769a40a65517033c73dace742e4f7e88ee91a6b16e58e941398e8365266d8df8b5985ad48d9d
Score
1/10
Malware Config
Signatures
-
Suspicious behavior: AddClipboardFormatListener 1 IoCs
pid Process 716 EXCEL.EXE -
Suspicious behavior: EnumeratesProcesses 2 IoCs
pid Process 716 EXCEL.EXE 716 EXCEL.EXE -
Suspicious use of SetWindowsHookEx 8 IoCs
pid Process 716 EXCEL.EXE 716 EXCEL.EXE 716 EXCEL.EXE 716 EXCEL.EXE 716 EXCEL.EXE 716 EXCEL.EXE 716 EXCEL.EXE 716 EXCEL.EXE
Processes
-
C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE"C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE" "C:\Users\Admin\AppData\Local\Temp\doc_pack-684804949.xls"1⤵
- Suspicious behavior: AddClipboardFormatListener
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of SetWindowsHookEx
PID:716