Overview

overview

8

Static

static

8

f88a9beabe...63.doc

windows7-x64

1

f88a9beabe...63.doc

windows10-2004-x64

1

Analysis

  • max time kernel
    148s
  • max time network
    31s
  • platform
    windows7_x64
  • resource
    win7-20221111-en
  • resource tags

    arch:x64arch:x86image:win7-20221111-enlocale:en-usos:windows7-x64system
  • submitted
    22-11-2022 21:27

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    f88a9beabec75fc688e70e0493b03f63.doc

  • Size

    22KB

  • MD5

    f88a9beabec75fc688e70e0493b03f63

  • SHA1

    b8dba68da2148e6024f0edf8280238e28a225a7c

  • SHA256

    c52cc1c9962580a704649ec255cdb29d2aa9f3b6ea6a812acb56fa8ffabdbbb6

  • SHA512

    7aa397a1824d1545c9590273bc45bbf694e2077f6e966656b3811791b38ddf1b3f14e4da134213471999689a6e2a8944a490728081cca6b35d73b03d5c851507

  • SSDEEP

    384:am+peI/iGNIt56STxhukyzQ/+CKg45D/KEStS5:H+peIqGe56HW+5gUrjV

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 9 IoCs
    adwarespyware
  • Suspicious behavior: AddClipboardFormatListener 1 IoCs
  • Suspicious use of SetWindowsHookEx 20 IoCs

Processes

  • C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE
    "C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE" /n "C:\Users\Admin\AppData\Local\Temp\f88a9beabec75fc688e70e0493b03f63.doc"
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: AddClipboardFormatListener
    • Suspicious use of SetWindowsHookEx
    PID:2040

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/2040-54-0x00000000722B1000-0x00000000722B4000-memory.dmp

    Filesize

    12KB

    Download

  • memory/2040-55-0x000000006FD31000-0x000000006FD33000-memory.dmp

    Filesize

    8KB

    Download

  • memory/2040-56-0x000000005FFF0000-0x0000000060000000-memory.dmp

    Filesize

    64KB

    Download

  • memory/2040-57-0x0000000075991000-0x0000000075993000-memory.dmp

    Filesize

    8KB

    Download

  • memory/2040-58-0x0000000070D1D000-0x0000000070D28000-memory.dmp

    Filesize

    44KB

    Download