Analysis

  • max time kernel
    63s
  • max time network
    71s
  • platform
    windows7_x64
  • resource
    win7v20201028
  • submitted
    29-10-2020 04:37

General

  • Target

    doc_pack-2058851367.xlsb

  • Size

    24KB

  • MD5

    673e12428fbaf5e3c7ecb1e2acd2ea92

  • SHA1

    4efa19e8fda2f0a74da8c432495fcccb79959632

  • SHA256

    e2ca9b1eda0fa9949dde465cb7d1f2738f55a8229a4e8f37db6704e277bc294d

  • SHA512

    99b87008a28e061115a9c3e52ffd2bb7c5534efc3f6a31f4e2647214a7db98cec4b00d5f2b0cedafa15556922e541ef3da3ddac8138442001b9b2b226f88b530

Score
1/10

Malware Config

Signatures

  • Enumerates system info in registry 2 TTPs 1 IoCs
  • Modifies Internet Explorer settings 1 TTPs 9 IoCs
  • Suspicious behavior: AddClipboardFormatListener 1 IoCs
  • Suspicious use of SetWindowsHookEx 5 IoCs

Processes

  • C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE
    "C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE" /dde C:\Users\Admin\AppData\Local\Temp\doc_pack-2058851367.xlsb
    • Enumerates system info in registry
    • Modifies Internet Explorer settings
    • Suspicious behavior: AddClipboardFormatListener
    • Suspicious use of SetWindowsHookEx
    PID:484

Network

MITRE ATT&CK Enterprise v6

Downloads

  • memory/2012-0-0x000007FEF63D0000-0x000007FEF664A000-memory.dmp

    Filesize

    2.5MB