Analysis

  • max time kernel
    98s
  • max time network
    135s
  • platform
    windows10_x64
  • resource
    win10
  • submitted
    20/10/2020, 23:06

General

  • Target

    doc_pack-684804949.xls

  • Size

    62KB

  • MD5

    49c70c45080fd9a58c041218861c9b59

  • SHA1

    d265dcfecc7b52ec2f41d3818009a571c9ab0496

  • SHA256

    6158f4eacb0c694719f69f42914c5db025889f4a9fb549a0ead23d6935f3c0dd

  • SHA512

    dbce792ecc00e007b56f9871dfb85cd2931c35abf716758a2666769a40a65517033c73dace742e4f7e88ee91a6b16e58e941398e8365266d8df8b5985ad48d9d

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: AddClipboardFormatListener 1 IoCs
  • Suspicious behavior: EnumeratesProcesses 2 IoCs
  • Suspicious use of SetWindowsHookEx 8 IoCs

Processes

  • C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE
    "C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE" "C:\Users\Admin\AppData\Local\Temp\doc_pack-684804949.xls"
    1⤵
    • Suspicious behavior: AddClipboardFormatListener
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of SetWindowsHookEx
    PID:716

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/716-0-0x00007FFFBC7D0000-0x00007FFFBCE96000-memory.dmp

    Filesize

    6.8MB