Analysis
-
max time kernel
137s -
max time network
129s -
platform
windows10_x64 -
resource
win10v20201028 -
submitted
20-01-2021 06:38
General
-
Target
Purchase Order and Contract Agreement Namtip THAI CO.doc
-
Size
3.2MB
-
MD5
038db1fe98b190bdb85793f6b39bbdd8
-
SHA1
3cb9e4978cdb7e817b769ed4f13eadeac76c0014
-
SHA256
8893a5c23f09b252b052cfafadce1065e5934c1f2877a4a11e98467faee05340
-
SHA512
cff65285dc3d0968b4a29f267e3b0beb488529252f4a36e7ac9817344fea74f42beae08ac482f7ab825b34353236561689dc96cb202098af68a74de6cdeafdfc
Score
1/10
Malware Config
Signatures
-
Checks processor information in registry 2 TTPs 3 IoCs
Processor information is often read in order to detect sandboxing environments.
-
Enumerates system info in registry 2 TTPs 3 IoCs
-
Suspicious behavior: AddClipboardFormatListener 2 IoCs
-
Suspicious use of SetWindowsHookEx 8 IoCs
Processes
-
C:\Program Files\Microsoft Office\Root\Office16\WINWORD.EXE"C:\Program Files\Microsoft Office\Root\Office16\WINWORD.EXE" /n "C:\Users\Admin\AppData\Local\Temp\Purchase Order and Contract Agreement Namtip THAI CO.doc" /o ""1⤵
- Checks processor information in registry
- Enumerates system info in registry
- Suspicious behavior: AddClipboardFormatListener
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v6
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
64KB
-
Filesize
64KB
-
Filesize
64KB
-
Filesize
64KB
-
Filesize
6.2MB