Analysis

  • max time kernel
    144s
  • max time network
    150s
  • platform
    windows7_x64
  • resource
    win7v20201028
  • submitted
    29-10-2020 04:37

General

  • Target

    doc_pack-2088194944.xlsb

  • Size

    24KB

  • MD5

    ab5d33d3fb9784b34498718b85612b6c

  • SHA1

    ef794cf61c4d9faaf957250fa2bfe817626208e9

  • SHA256

    2431efd5ac0ad664c3b44bb8895ebf8498c61b0e0f4780a900207056b6b7eb58

  • SHA512

    1ee856ef9515d0940cd7e8159219441363ec84296d47d6c3c42f5c75590bcef3a28152d95062968b1aea597bf3f07886ccf078bc9c258d86cb3ba6ce9518a2d0

Score
1/10

Malware Config

Signatures

  • Enumerates system info in registry 2 TTPs 1 IoCs
  • Modifies Internet Explorer settings 1 TTPs 9 IoCs
  • Suspicious behavior: AddClipboardFormatListener 1 IoCs
  • Suspicious use of SetWindowsHookEx 5 IoCs

Processes

  • C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE
    "C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE" /dde C:\Users\Admin\AppData\Local\Temp\doc_pack-2088194944.xlsb
    • Enumerates system info in registry
    • Modifies Internet Explorer settings
    • Suspicious behavior: AddClipboardFormatListener
    • Suspicious use of SetWindowsHookEx
    PID:1704

Network

MITRE ATT&CK Enterprise v6

Downloads

  • memory/1120-0-0x000007FEF6790000-0x000007FEF6A0A000-memory.dmp

    Filesize

    2.5MB