Analysis
-
max time kernel
297s -
max time network
276s -
platform
windows7_x64 -
resource
win7v20210408 -
submitted
20-07-2021 11:03
General
-
Target
Despacho_de_informacion.doc
-
Size
178KB
-
MD5
d51027ccc08c7a7bf42e481e85196136
-
SHA1
02abd7025f5e3a721676714410c66fc5b8d95f22
-
SHA256
38473a7da74c7513b8b26550778e6c10337bfa0c8037a5ec1040200c324dcc5b
-
SHA512
008279cd4e860de0279b66eac71e2b9da31418e566d2e8f6be4e59cfdb7f192614aaeb838d1a3fea151804ec0f2fac6b093127fe1c8cdfc86c9caacfa69f0fc4
Score
1/10
Malware Config
Signatures
-
Office loads VBA resources, possible macro or embedded object present
-
Modifies Internet Explorer settings 1 TTPs 9 IoCs
-
Suspicious behavior: AddClipboardFormatListener 1 IoCs
-
Suspicious use of FindShellTrayWindow 2 IoCs
-
Suspicious use of SetWindowsHookEx 21 IoCs
Processes
-
C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE"C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE" /n "C:\Users\Admin\AppData\Local\Temp\Despacho_de_informacion.doc"1⤵
- Modifies Internet Explorer settings
- Suspicious behavior: AddClipboardFormatListener
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Matrix ATT&CK v6
Replay Monitor
Loading Replay Monitor...
Downloads
-
memory/1624-59-0x0000000072B31000-0x0000000072B34000-memory.dmpFilesize
12KB
-
memory/1624-60-0x00000000705B1000-0x00000000705B3000-memory.dmpFilesize
8KB
-
memory/1624-61-0x000000005FFF0000-0x0000000060000000-memory.dmpFilesize
64KB
-
memory/1624-62-0x0000000075551000-0x0000000075553000-memory.dmpFilesize
8KB