Analysis

  • max time kernel
    63s
  • max time network
    27s
  • platform
    windows7_x64
  • resource
    win7v20201028
  • submitted
    29-10-2020 04:37

General

  • Target

    doc_pack-2066251255.xlsb

  • Size

    24KB

  • MD5

    77f9b8cd5c8ebf6689999724bcaf7ecc

  • SHA1

    f454bfe9775adcfefd1f7fd8411b5ac3ae71b70a

  • SHA256

    a5f44f51175239849c5b43de5504c75e37b8fc398ff663e988ca69bb06c3d83d

  • SHA512

    046aae853dbfccbebe9666bb80a57ea5e556df8db2ef1fde04056e18b3dc4133bafdfade7b72036977a59d5803aeb2a32c3cd31225639d9b3d90dd99d9d37c79

Score
1/10

Malware Config

Signatures

  • Enumerates system info in registry (2 TTPs, 1 IoC)
  • Modifies Internet Explorer settings (1 TTP, 9 IoCs)
  • Suspicious behavior: AddClipboardFormatListener (1 IoC)
  • Suspicious use of SetWindowsHookEx (5 IoCs)

Processes

  • C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE
    "C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE" /dde C:\Users\Admin\AppData\Local\Temp\doc_pack-2066251255.xlsb
    • Enumerates system info in registry
    • Modifies Internet Explorer settings
    • Suspicious behavior: AddClipboardFormatListener
    • Suspicious use of SetWindowsHookEx
    PID:1732

Network

MITRE ATT&CK Enterprise v6

Downloads

  • memory/1064-0-0x000007FEF6B80000-0x000007FEF6DFA000-memory.dmp

    Filesize

    2.5MB