Analysis
-
max time kernel
139s -
max time network
132s -
platform
windows10_x64 -
resource
win10v20201028 -
submitted
12-03-2021 10:07
General
-
Target
documenti 03.21.doc
-
Size
76KB
-
MD5
ed2095f86caf3ad326e7fe4525ada361
-
SHA1
0b6773c537cc384531bde6c005b0b4a982556ab4
-
SHA256
ee1de698f92e76aa39edb050d910876a940bf8976aa15c8cad50600c644cbe6a
-
SHA512
375da8917f2793e961d2473fe1351c8b47341eaf7a0e544b0b0d09a77bec59de135d9b314bb1dc2262bb9a79056fd46707b40aa5cea8a0727d2ef7d30f19774f
Score
1/10
Malware Config
Signatures
-
Checks processor information in registry 2 TTPs 3 IoCs
Processor information is often read in order to detect sandboxing environments.
-
Enumerates system info in registry 2 TTPs 3 IoCs
-
Suspicious behavior: AddClipboardFormatListener 2 IoCs
-
Suspicious use of SetWindowsHookEx 17 IoCs
Processes
-
C:\Program Files\Microsoft Office\Root\Office16\WINWORD.EXE"C:\Program Files\Microsoft Office\Root\Office16\WINWORD.EXE" /n "C:\Users\Admin\AppData\Local\Temp\documenti 03.21.doc" /o ""1⤵
- Checks processor information in registry
- Enumerates system info in registry
- Suspicious behavior: AddClipboardFormatListener
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Matrix ATT&CK v6
Replay Monitor
Loading Replay Monitor...
Downloads
-
memory/648-2-0x00007FF9C3DC0000-0x00007FF9C3DD0000-memory.dmpFilesize
64KB
-
memory/648-3-0x00007FF9C3DC0000-0x00007FF9C3DD0000-memory.dmpFilesize
64KB
-
memory/648-4-0x00007FF9C3DC0000-0x00007FF9C3DD0000-memory.dmpFilesize
64KB
-
memory/648-5-0x0000023885720000-0x0000023885D57000-memory.dmpFilesize
6.2MB
-
memory/648-6-0x00007FF9C3DC0000-0x00007FF9C3DD0000-memory.dmpFilesize
64KB
-
memory/648-7-0x0000023894BF0000-0x0000023894BF4000-memory.dmpFilesize
16KB