Analysis

  • max time kernel
    79s
  • max time network
    83s
  • platform
    windows7_x64
  • resource
    win7v20201028
  • submitted
    29-10-2020 03:41

General

  • Target

    doc_pack-1932789930.xlsb

  • Size

    24KB

  • MD5

    53e8340118358d0b4c195ceaa08326ff

  • SHA1

    0d0e8436cac5fb53b5ed40729fd0047975d85f55

  • SHA256

    538d3902eeddf96ab445a5112b56d6b4b4a700ef52f8d0d88683f6be39376d48

  • SHA512

    ea8103c036199868066bb0382a81297f5168eefda3a756311c9743ac9e42b0664c96808027d709847c4c47fd62d5fd0fc6238ca35d25d92478340b864bd0b43b

Score
1/10

Malware Config

Signatures

  • Enumerates system info in registry 2 TTPs 1 IoCs
  • Modifies Internet Explorer settings 1 TTPs 9 IoCs
  • Suspicious behavior: AddClipboardFormatListener 1 IoCs
  • Suspicious use of SetWindowsHookEx 5 IoCs

Processes

  • C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE
    "C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE" /dde C:\Users\Admin\AppData\Local\Temp\doc_pack-1932789930.xlsb
    1⤵
    • Enumerates system info in registry
    • Modifies Internet Explorer settings
    • Suspicious behavior: AddClipboardFormatListener
    • Suspicious use of SetWindowsHookEx
    PID:1040

Network

MITRE ATT&CK Enterprise v6

Downloads

  • memory/1192-0-0x000007FEF7880000-0x000007FEF7AFA000-memory.dmp

    Filesize

    2.5MB