Overview

overview

8

Static

static

8

Inf-855.xls

windows7_x64

6

Inf-855.xls

windows10_x64

1

Resubmissions

17/12/2020, 18:26

201217-fl25lwqv5n 10

08/12/2020, 18:10

201208-ejh9brbyes 8

Analysis

  • max time kernel
    139s
  • max time network
    136s
  • platform
    windows10_x64
  • resource
    win10v20201028
  • submitted
    08/12/2020, 18:10

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Inf-855.xls

  • Size

    31KB

  • MD5

    7c7dfa4acc8c7767eded7450a434a355

  • SHA1

    2ee1b3d1376ca3c953fcf2385a478367be408b25

  • SHA256

    c94ac6548943c1f9a85ed599a81ce7fefa81092ee7ad9cce48b3d46a522a9773

  • SHA512

    4c2d9ef6374a9d98c1c0608ef0c1d73a41a3bcac917a7320d0f051dabf9a732dd2efc1cd0299599918d81f59223c5c6003e9153bc89c1c661618dcffd0b2dd6b

Score
1/10

Malware Config

Signatures

  • Checks processor information in registry 2 TTPs 3 IoCs

    Processor information is often read in order to detect sandboxing environments.

  • Enumerates system info in registry 2 TTPs 3 IoCs
  • Suspicious behavior: AddClipboardFormatListener 1 IoCs
  • Suspicious use of SetWindowsHookEx 12 IoCs

Processes

  • C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE
    "C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE" "C:\Users\Admin\AppData\Local\Temp\Inf-855.xls"
    1⤵
    • Checks processor information in registry
    • Enumerates system info in registry
    • Suspicious behavior: AddClipboardFormatListener
    • Suspicious use of SetWindowsHookEx
    PID:648

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/648-2-0x00007FF91E6F0000-0x00007FF91ED27000-memory.dmp

    Filesize

    6.2MB

    Download