Analysis
-
max time kernel
139s -
max time network
137s -
platform
windows10_x64 -
resource
win10v20201028 -
submitted
12-03-2021 11:21
General
-
Target
7c3ec42f9c9d58944e1f1184ca77a0dffc15269e6c5ffb74dc8f09736cdfe78b.doc
-
Size
76KB
-
MD5
83a8c5c324eed728624fe1c9a50afe1c
-
SHA1
7c1eb292b812801102e59f6317f0907eaa77e136
-
SHA256
7c3ec42f9c9d58944e1f1184ca77a0dffc15269e6c5ffb74dc8f09736cdfe78b
-
SHA512
03e8806dfa9c82255adb8a02fd75f5f02988482745e0af22cdc98f30a1f4f2f341fac9d4b83f157aec62b5f6c9d38131b8bb7c9265a581892f4da2a073eebc08
Score
1/10
Malware Config
Signatures
-
Checks processor information in registry 2 TTPs 3 IoCs
Processor information is often read in order to detect sandboxing environments.
-
Enumerates system info in registry 2 TTPs 3 IoCs
-
Suspicious behavior: AddClipboardFormatListener 2 IoCs
-
Suspicious use of SetWindowsHookEx 17 IoCs
Processes
-
C:\Program Files\Microsoft Office\Root\Office16\WINWORD.EXE"C:\Program Files\Microsoft Office\Root\Office16\WINWORD.EXE" /n "C:\Users\Admin\AppData\Local\Temp\7c3ec42f9c9d58944e1f1184ca77a0dffc15269e6c5ffb74dc8f09736cdfe78b.doc" /o ""1⤵
- Checks processor information in registry
- Enumerates system info in registry
- Suspicious behavior: AddClipboardFormatListener
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Matrix ATT&CK v6
Replay Monitor
Loading Replay Monitor...
Downloads
-
memory/724-2-0x00007FFC10600000-0x00007FFC10610000-memory.dmpFilesize
64KB
-
memory/724-3-0x00007FFC10600000-0x00007FFC10610000-memory.dmpFilesize
64KB
-
memory/724-4-0x00007FFC10600000-0x00007FFC10610000-memory.dmpFilesize
64KB
-
memory/724-5-0x00007FFC10600000-0x00007FFC10610000-memory.dmpFilesize
64KB
-
memory/724-6-0x000001EB8A1D0000-0x000001EB8A807000-memory.dmpFilesize
6.2MB
-
memory/724-7-0x000001EB99830000-0x000001EB99834000-memory.dmpFilesize
16KB