Analysis
-
max time kernel
175s -
max time network
203s -
platform
windows10-2004_x64 -
resource
win10v2004-20221111-en -
resource tags
-
submitted
22-11-2022 21:27
General
-
Target
f88a9beabec75fc688e70e0493b03f63.doc
-
Size
22KB
-
MD5
f88a9beabec75fc688e70e0493b03f63
-
SHA1
b8dba68da2148e6024f0edf8280238e28a225a7c
-
SHA256
c52cc1c9962580a704649ec255cdb29d2aa9f3b6ea6a812acb56fa8ffabdbbb6
-
SHA512
7aa397a1824d1545c9590273bc45bbf694e2077f6e966656b3811791b38ddf1b3f14e4da134213471999689a6e2a8944a490728081cca6b35d73b03d5c851507
-
SSDEEP
384:am+peI/iGNIt56STxhukyzQ/+CKg45D/KEStS5:H+peIqGe56HW+5gUrjV
Score
1/10
Malware Config
Signatures
-
Checks processor information in registry 2 TTPs 3 IoCs
Processor information is often read in order to detect sandboxing environments.
-
Enumerates system info in registry 2 TTPs 3 IoCs
-
Suspicious behavior: AddClipboardFormatListener 2 IoCs
-
Suspicious use of SetWindowsHookEx 21 IoCs
Processes
-
C:\Program Files\Microsoft Office\Root\Office16\WINWORD.EXE"C:\Program Files\Microsoft Office\Root\Office16\WINWORD.EXE" /n "C:\Users\Admin\AppData\Local\Temp\f88a9beabec75fc688e70e0493b03f63.doc" /o ""1⤵
- Checks processor information in registry
- Enumerates system info in registry
- Suspicious behavior: AddClipboardFormatListener
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Matrix ATT&CK v6
Replay Monitor
Loading Replay Monitor...
Downloads
-
memory/4696-135-0x00007FF7D09D0000-0x00007FF7D09E0000-memory.dmpFilesize
64KB
-
memory/4696-136-0x00007FF7D09D0000-0x00007FF7D09E0000-memory.dmpFilesize
64KB
-
memory/4696-137-0x00007FF7D09D0000-0x00007FF7D09E0000-memory.dmpFilesize
64KB
-
memory/4696-138-0x00007FF7D09D0000-0x00007FF7D09E0000-memory.dmpFilesize
64KB
-
memory/4696-139-0x00007FF7D09D0000-0x00007FF7D09E0000-memory.dmpFilesize
64KB
-
memory/4696-140-0x00007FF7CE970000-0x00007FF7CE980000-memory.dmpFilesize
64KB
-
memory/4696-141-0x00007FF7CE970000-0x00007FF7CE980000-memory.dmpFilesize
64KB