Analysis
-
max time kernel
131s
-
max time network
134s
-
platform
windows10_x64
-
resource
win10v20201028
-
submitted
14-01-2021 06:56
Static task
static1
Behavioral task
behavioral1
Sample
NEED DRAFT discounting bank name & price LC USD48942631xls.exe
Resource
win7v20201028
windows7_x64
0 signatures
0 seconds
Behavioral task
behavioral2
Sample
NEED DRAFT discounting bank name & price LC USD48942631xls.exe
Resource
win10v20201028
windows10_x64
0 signatures
0 seconds
General
-
Target
NEED DRAFT discounting bank name & price LC USD48942631xls.exe
-
Size
8.8MB
-
MD5
27193c475f1439de214dbfe9c7b2c928
-
SHA1
4015a10b7970ddaf78ef79d3f4562ad6c65f9ff6
-
SHA256
77993430a884344d7de54e69aa1d4b4e0fc81327f3cf7c8d39b5aba710518fa3
-
SHA512
afac86ff53797cdaa759b548da33ecdcd026567e4e3006df8b52ab6657514d32133b3c6f06106cba4b7fa1751ad4ae38346567b208cedba2ee56ed533c53f029
Score
1/10
Malware Config
Signatures
-
Suspicious use of FindShellTrayWindow 3 IoCs
Processes:
NEED DRAFT discounting bank name & price LC USD48942631xls.exe
pid process
828 NEED DRAFT discounting bank name & price LC USD48942631xls.exe
828 NEED DRAFT discounting bank name & price LC USD48942631xls.exe
828 NEED DRAFT discounting bank name & price LC USD48942631xls.exe
-
Suspicious use of SendNotifyMessage 3 IoCs
Processes:
NEED DRAFT discounting bank name & price LC USD48942631xls.exe
pid process
828 NEED DRAFT discounting bank name & price LC USD48942631xls.exe
828 NEED DRAFT discounting bank name & price LC USD48942631xls.exe
828 NEED DRAFT discounting bank name & price LC USD48942631xls.exe