Analysis
-
max time kernel
139s -
max time network
132s -
platform
windows10_x64 -
resource
win10v20201028 -
submitted
02-03-2021 09:24
General
-
Target
interessat_792258.doc
-
Size
211KB
-
MD5
817a8de3792782a6a848d2c9e9ccb987
-
SHA1
4c5cd45dc9d6ae543f0cd6e26252ceadda83611f
-
SHA256
112b81749cfa5144facbbb739869ffc4679f9f7b41ad76965dcd478081f7a5e9
-
SHA512
08eeead41bae9ec76d28ff07e395d4b850b80aa3cd31163e5ba59bedf01697db11c9eccb9a4518f68c9b51f84b1fe4adaf4114a4e13dc4dc7ade6204579082ab
Score
1/10
Malware Config
Signatures
-
Checks processor information in registry 2 TTPs 3 IoCs
Processor information is often read in order to detect sandboxing environments.
-
Enumerates system info in registry 2 TTPs 3 IoCs
-
Suspicious behavior: AddClipboardFormatListener 2 IoCs
-
Suspicious use of SetWindowsHookEx 17 IoCs
Processes
-
C:\Program Files\Microsoft Office\Root\Office16\WINWORD.EXE"C:\Program Files\Microsoft Office\Root\Office16\WINWORD.EXE" /n "C:\Users\Admin\AppData\Local\Temp\interessat_792258.doc" /o ""1⤵
- Checks processor information in registry
- Enumerates system info in registry
- Suspicious behavior: AddClipboardFormatListener
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Matrix ATT&CK v6
Replay Monitor
Loading Replay Monitor...
Downloads
-
memory/1052-2-0x00007FFE80C20000-0x00007FFE80C30000-memory.dmpFilesize
64KB
-
memory/1052-3-0x00007FFE80C20000-0x00007FFE80C30000-memory.dmpFilesize
64KB
-
memory/1052-4-0x00007FFE80C20000-0x00007FFE80C30000-memory.dmpFilesize
64KB
-
memory/1052-5-0x00007FFE80C20000-0x00007FFE80C30000-memory.dmpFilesize
64KB
-
memory/1052-6-0x00000268A14C0000-0x00000268A1AF7000-memory.dmpFilesize
6.2MB
-
memory/1052-7-0x00000268AECD0000-0x00000268AECD4000-memory.dmpFilesize
16KB