Analysis
-
max time kernel
136s -
max time network
146s -
platform
windows10_x64 -
resource
win10v20201028 -
submitted
13-03-2021 12:51
General
-
Target
dettagli-03.21.doc
-
Size
76KB
-
MD5
084eaa78393d9b431e709a32bb5e6d64
-
SHA1
b4306fcd6d15185ae9f0f37f9363fe858b2453d0
-
SHA256
4b02ac4b78c52df20067a51effb006597724a42bb797a68660e94c2358aa5cd3
-
SHA512
3848f1ada0e4ac4f460909b43685260455bcc5e1c4d1b8b19ea8c3d35812bb72bfe92fff567f84e765b008b8630bb4b7216ff6b1a5a106ba35a80237616fe5f4
Score
1/10
Malware Config
Signatures
-
Checks processor information in registry 2 TTPs 3 IoCs
Processor information is often read in order to detect sandboxing environments.
-
Enumerates system info in registry 2 TTPs 3 IoCs
-
Suspicious behavior: AddClipboardFormatListener 2 IoCs
-
Suspicious use of SetWindowsHookEx 17 IoCs
Processes
-
C:\Program Files\Microsoft Office\Root\Office16\WINWORD.EXE"C:\Program Files\Microsoft Office\Root\Office16\WINWORD.EXE" /n "C:\Users\Admin\AppData\Local\Temp\dettagli-03.21.doc" /o ""1⤵
- Checks processor information in registry
- Enumerates system info in registry
- Suspicious behavior: AddClipboardFormatListener
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v6
Replay Monitor
Loading Replay Monitor...
Downloads
-
memory/4716-2-0x00007FF965210000-0x00007FF965220000-memory.dmpFilesize
64KB
-
memory/4716-3-0x00007FF965210000-0x00007FF965220000-memory.dmpFilesize
64KB
-
memory/4716-4-0x00007FF965210000-0x00007FF965220000-memory.dmpFilesize
64KB
-
memory/4716-5-0x000002278A910000-0x000002278AF47000-memory.dmpFilesize
6.2MB
-
memory/4716-6-0x00007FF965210000-0x00007FF965220000-memory.dmpFilesize
64KB
-
memory/4716-7-0x0000022799000000-0x0000022799004000-memory.dmpFilesize
16KB