Overview

overview

10

Static

static

10

fad30b1adc...ab.doc

windows7_x64

1

fad30b1adc...ab.doc

windows10-2004_x64

1

Analysis

  • max time kernel
    146s
  • max time network
    48s
  • platform
    windows7_x64
  • resource
    win7-20220414-en
  • submitted
    24-05-2022 21:57

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    fad30b1adce154b10cff417f72cebd927d675d181e52b66e9a2c3b151890a9ab.doc

  • Size

    663KB

  • MD5

    8c678a24b4759a4c302c32cb72bf411e

  • SHA1

    da1172f0f65cc12834b32a24420bc1e5715841fb

  • SHA256

    fad30b1adce154b10cff417f72cebd927d675d181e52b66e9a2c3b151890a9ab

  • SHA512

    ab1b0694e8f7b5a03b88f48178f36c5ae8017f629220efd93f925a3f3033b98359572ae7c0cbfd8b9afbdc1d92d62358379af4230188a8fd5b822569d0be47c2

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 9 IoCs
    adwarespyware
  • Suspicious behavior: AddClipboardFormatListener 1 IoCs
  • Suspicious use of SetWindowsHookEx 20 IoCs

Processes

  • C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE
    "C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE" /n "C:\Users\Admin\AppData\Local\Temp\fad30b1adce154b10cff417f72cebd927d675d181e52b66e9a2c3b151890a9ab.doc"
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: AddClipboardFormatListener
    • Suspicious use of SetWindowsHookEx
    PID:2044

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/2044-54-0x0000000072601000-0x0000000072604000-memory.dmp

    Filesize

    12KB

    Download

  • memory/2044-55-0x0000000070081000-0x0000000070083000-memory.dmp

    Filesize

    8KB

    Download

  • memory/2044-56-0x000000005FFF0000-0x0000000060000000-memory.dmp

    Filesize

    64KB

    Download

  • memory/2044-57-0x0000000075441000-0x0000000075443000-memory.dmp

    Filesize

    8KB

    Download

  • memory/2044-58-0x000000007106D000-0x0000000071078000-memory.dmp

    Filesize

    44KB

    Download