Analysis
-
max time kernel
278s -
max time network
360s -
platform
windows10-2004_x64 -
resource
win10v2004-20221111-en -
resource tags
-
submitted
23-11-2022 12:54
General
-
Target
has been verified. However PDF, IMG, docx, .xls
-
Size
1.0MB
-
MD5
b18fd4de724718b8d1fa887d94731da4
-
SHA1
97377a93c7fe211badd89a8a3f6ac46e85ae1926
-
SHA256
86fdff90584064c135a98f05986da5a03bd67abe414f1d8f5fbdbf4249430019
-
SHA512
ec54ded9bb21cb3b653ae3835960306d4b809dd353a365c21ed932845b20b7b30f80fb1c6e039fbfa06cd828d6fb5a8e28be73293b940bada5d2a378d21622cf
-
SSDEEP
24576:Qr5XXXXXXXXXXXXUXXXXXXXSXXXXXXXXhmpr5XXXXXXXXXXXXUXXXXXXXSXXXXXL:kxuzt
Score
1/10
Malware Config
Signatures
-
Suspicious use of SetWindowsHookEx 1 IoCs
Processes
-
C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE"C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE" "C:\Users\Admin\AppData\Local\Temp\has been verified. However PDF, IMG, docx, .xls"1⤵
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
memory/3120-132-0x00007FF960090000-0x00007FF9600A0000-memory.dmpFilesize
64KB
-
memory/3120-133-0x00007FF960090000-0x00007FF9600A0000-memory.dmpFilesize
64KB
-
memory/3120-134-0x00007FF960090000-0x00007FF9600A0000-memory.dmpFilesize
64KB
-
memory/3120-135-0x00007FF960090000-0x00007FF9600A0000-memory.dmpFilesize
64KB
-
memory/3120-136-0x00007FF960090000-0x00007FF9600A0000-memory.dmpFilesize
64KB
-
memory/3120-137-0x00007FF95DB80000-0x00007FF95DB90000-memory.dmpFilesize
64KB