Overview

overview

4

Static

static

b07178b5a1...e6.doc

windows7-x64

4

b07178b5a1...e6.doc

windows10-2004-x64

1

Analysis

  • max time kernel
    99s
  • max time network
    132s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220901-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20220901-enlocale:en-usos:windows10-2004-x64system
  • submitted
    09/09/2022, 08:46

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    b07178b5a1ea3e4e6039e7650b7d061a5ef60a2e5919a3b0dfcc31e311fe69e6.doc

  • Size

    75KB

  • MD5

    afacc650a911e0fb8c702761c2ca5c14

  • SHA1

    4fbf6b9b74823bad1f6e398ee29c57a091b87b76

  • SHA256

    b07178b5a1ea3e4e6039e7650b7d061a5ef60a2e5919a3b0dfcc31e311fe69e6

  • SHA512

    d6983787666d8b920b559f3a2c03ff3570e8ba36e44d144a28353baeb8f84895f9d2c22826e9c5fab4149f5359d16a1bea442b9ec283f75a06e541f2900da30e

  • SSDEEP

    1536:alObk5iPV2vuBARsC5lclIDA80sk1PJG3QSYF+yWl4Q7LK12i0:bCu/ToA80/JUQSvy44yGL0

Score
1/10

Malware Config

Signatures

  • Checks processor information in registry 2 TTPs 3 IoCs

    Processor information is often read in order to detect sandboxing environments.

  • Enumerates system info in registry 2 TTPs 3 IoCs
  • Suspicious behavior: AddClipboardFormatListener 2 IoCs
  • Suspicious use of SetWindowsHookEx 15 IoCs

Processes

  • C:\Program Files\Microsoft Office\Root\Office16\WINWORD.EXE
    "C:\Program Files\Microsoft Office\Root\Office16\WINWORD.EXE" /n "C:\Users\Admin\AppData\Local\Temp\b07178b5a1ea3e4e6039e7650b7d061a5ef60a2e5919a3b0dfcc31e311fe69e6.doc" /o ""
    1⤵
    • Checks processor information in registry
    • Enumerates system info in registry
    • Suspicious behavior: AddClipboardFormatListener
    • Suspicious use of SetWindowsHookEx
    PID:3860

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/3860-132-0x00007FFE73230000-0x00007FFE73240000-memory.dmp

    Filesize

    64KB

    Download

  • memory/3860-133-0x00007FFE73230000-0x00007FFE73240000-memory.dmp

    Filesize

    64KB

    Download

  • memory/3860-134-0x00007FFE73230000-0x00007FFE73240000-memory.dmp

    Filesize

    64KB

    Download

  • memory/3860-135-0x00007FFE73230000-0x00007FFE73240000-memory.dmp

    Filesize

    64KB

    Download

  • memory/3860-136-0x00007FFE73230000-0x00007FFE73240000-memory.dmp

    Filesize

    64KB

    Download

  • memory/3860-137-0x00007FFE708D0000-0x00007FFE708E0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/3860-138-0x00007FFE708D0000-0x00007FFE708E0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/3860-141-0x00007FFE73230000-0x00007FFE73240000-memory.dmp

    Filesize

    64KB

    Download

  • memory/3860-140-0x00007FFE73230000-0x00007FFE73240000-memory.dmp

    Filesize

    64KB

    Download

  • memory/3860-142-0x00007FFE73230000-0x00007FFE73240000-memory.dmp

    Filesize

    64KB

    Download

  • memory/3860-143-0x00007FFE73230000-0x00007FFE73240000-memory.dmp

    Filesize

    64KB

    Download