Overview

overview

8

Static

static

8

0baebe6b45...ef.doc

windows7-x64

4

0baebe6b45...ef.doc

windows10-2004-x64

1

Analysis

  • max time kernel
    205s
  • max time network
    210s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20221111-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20221111-enlocale:en-usos:windows10-2004-x64system
  • submitted
    23/11/2022, 21:42

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    0baebe6b45f0df06ebf8f0c5e85ec813a9a1382e6aeb56f25abf891577338bef.doc

  • Size

    75KB

  • MD5

    98cc65ede97e75f6e69afc22ca9bed9c

  • SHA1

    40114416e7de4a50131d12f88ae198cdf30a52d0

  • SHA256

    0baebe6b45f0df06ebf8f0c5e85ec813a9a1382e6aeb56f25abf891577338bef

  • SHA512

    ce0d53698677f5744e564bf824ef66f2772d0dd27c963f715509e50a14e89eb145e22e714d45b8c5f1b37a957d2d4757bcb63290d212ca789d6cc89114fb825b

  • SSDEEP

    768:Yq0qOVL9sXMtNAnpQUzv1CAPowxtLLR4vrpXI6joLFDzA:Yq0qOVMMt2KUsAPowR+pI6MhD

Score
1/10

Malware Config

Signatures

  • Checks processor information in registry 2 TTPs 3 IoCs

    Processor information is often read in order to detect sandboxing environments.

  • Enumerates system info in registry 2 TTPs 3 IoCs
  • Modifies Internet Explorer settings 1 TTPs 1 IoCs
    adwarespyware
  • Suspicious behavior: AddClipboardFormatListener 2 IoCs
  • Suspicious use of SetWindowsHookEx 13 IoCs

Processes

  • C:\Program Files\Microsoft Office\Root\Office16\WINWORD.EXE
    "C:\Program Files\Microsoft Office\Root\Office16\WINWORD.EXE" /n "C:\Users\Admin\AppData\Local\Temp\0baebe6b45f0df06ebf8f0c5e85ec813a9a1382e6aeb56f25abf891577338bef.doc" /o ""
    1⤵
    • Checks processor information in registry
    • Enumerates system info in registry
    • Modifies Internet Explorer settings
    • Suspicious behavior: AddClipboardFormatListener
    • Suspicious use of SetWindowsHookEx
    PID:224

Network

        MITRE ATT&CK Enterprise v6

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • memory/224-132-0x00007FFBF2B50000-0x00007FFBF2B60000-memory.dmp

          Filesize

          64KB

          Download

        • memory/224-133-0x00007FFBF2B50000-0x00007FFBF2B60000-memory.dmp

          Filesize

          64KB

          Download

        • memory/224-134-0x00007FFBF2B50000-0x00007FFBF2B60000-memory.dmp

          Filesize

          64KB

          Download

        • memory/224-135-0x00007FFBF2B50000-0x00007FFBF2B60000-memory.dmp

          Filesize

          64KB

          Download

        • memory/224-136-0x00007FFBF2B50000-0x00007FFBF2B60000-memory.dmp

          Filesize

          64KB

          Download

        • memory/224-137-0x00007FFBF0290000-0x00007FFBF02A0000-memory.dmp

          Filesize

          64KB

          Download

        • memory/224-138-0x00007FFBF0290000-0x00007FFBF02A0000-memory.dmp

          Filesize

          64KB

          Download

        • memory/224-146-0x0000017CDF491000-0x0000017CDF49C000-memory.dmp

          Filesize

          44KB

          Download

        • memory/224-145-0x0000017CDF491000-0x0000017CDF49C000-memory.dmp

          Filesize

          44KB

          Download