Analysis

  • max time kernel
    75s
  • max time network
    26s
  • platform
    windows7_x64
  • resource
    win7v20201028
  • submitted
    29-10-2020 04:37

General

  • Target

    doc_pack-2066120195.xlsb

  • Size

    24KB

  • MD5

    812524823c5c2034230b20318ef2e02c

  • SHA1

    6b1a0887d75cc6037ecd46621624042b53b9fe45

  • SHA256

    1c94bdc796e4c0b924fce22b3cc70a2c578c7082195ea506b75cfa297d298f90

  • SHA512

    0ff606494a356c841fc9aa51d4bf0835125a4e963fb5903b3fd6f9c5c71ab50f9d15f4e7bc8c3e133e153938c49ae545927d24f6fefbd4327add5c83bc202b0e

Score
1/10

Malware Config

Signatures

  • Enumerates system info in registry 2 TTPs 1 IoCs
  • Modifies Internet Explorer settings 1 TTPs 9 IoCs
  • Suspicious behavior: AddClipboardFormatListener 1 IoCs
  • Suspicious use of SetWindowsHookEx 5 IoCs

Processes

  • C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE
    "C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE" /dde C:\Users\Admin\AppData\Local\Temp\doc_pack-2066120195.xlsb
    • Enumerates system info in registry
    • Modifies Internet Explorer settings
    • Suspicious behavior: AddClipboardFormatListener
    • Suspicious use of SetWindowsHookEx
    PID:740

Network

MITRE ATT&CK Enterprise v6

Downloads

  • memory/520-5-0x000007FEF7300000-0x000007FEF757A000-memory.dmp

    Filesize

    2.5MB

  • memory/740-0-0x0000000002360000-0x0000000002361000-memory.dmp

    Filesize

    4KB

  • memory/740-2-0x0000000002360000-0x0000000002361000-memory.dmp

    Filesize

    4KB

  • memory/740-4-0x0000000002360000-0x0000000002361000-memory.dmp

    Filesize

    4KB