Analysis

  • max time kernel
    119s
  • max time network
    120s
  • platform
    windows7_x64
  • resource
    win7v20210410
  • submitted
    05-05-2021 13:30

General

  • Target

    399563af_by_Libranalysis.xlsm

  • Size

    15KB

  • MD5

    399563af4221cc2c176d8f218d6a563d

  • SHA1

    72251218c8127abeab4c04944445c18bdac2688f

  • SHA256

    cc9cefa7960d991d414051f5fe153ffa514a2e687143dd2b1b6966edbbcadbec

  • SHA512

    bb0aef3126bc94f5bc32bddc96b4c6720b4eeeaa91c1a80c95039d4c88871fdc33ceef7cd579bd00d4acbc62987f9e6c0fa7efa08de81e4a4db8194f81f6ebea

Score
1/10

Malware Config

Signatures

  • Enumerates system info in registry 2 TTPs 1 IoCs
  • Modifies Internet Explorer settings 1 TTPs 9 IoCs
  • Suspicious behavior: AddClipboardFormatListener 1 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs

Processes

  • C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE
    "C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE" /dde C:\Users\Admin\AppData\Local\Temp\399563af_by_Libranalysis.xlsm
    • Enumerates system info in registry
    • Modifies Internet Explorer settings
    • Suspicious behavior: AddClipboardFormatListener
    • Suspicious use of SetWindowsHookEx
    PID:1088

Network

MITRE ATT&CK Enterprise v6

Downloads

  • memory/1088-59-0x000000002F7C1000-0x000000002F7C4000-memory.dmp
    Filesize

    12KB

  • memory/1088-60-0x0000000070EB1000-0x0000000070EB3000-memory.dmp
    Filesize

    8KB

  • memory/1088-61-0x000000005FFF0000-0x0000000060000000-memory.dmp
    Filesize

    64KB

  • memory/1088-62-0x000000005FFF0000-0x0000000060000000-memory.dmp
    Filesize

    64KB