Analysis
-
max time kernel
152s -
max time network
158s -
platform
windows10-2004_x64 -
resource
win10v2004-20221111-en -
resource tags
-
submitted
24-11-2022 06:25
General
-
Target
规范招商引资统计工作通知/兰洽会项目表样.xls
-
Size
140KB
-
MD5
7ab6a240638a15c039c6865608560e4d
-
SHA1
207c6fbc22b0d2830cd738c6432ec7b4e987a2c6
-
SHA256
3832e70bf5b77020c5777f2fda89230b33630c5624270a99e120dd2c82ed5cfd
-
SHA512
d3bc71c16b7287a1d2776f3ab44e8a14809e33c939b1567084868e7a8b6cad39cc1eef34603e8ebd37a5c3377bd28799f8fbd0f082731c8a7a53a741fe6e6483
-
SSDEEP
1536:PCCygMh2E2SpocBDEHJh4Qmbsjy3rXqtig3TZfoiXYS5Mh+5U6fDypnSX3ClTsRz:L5Mh+hRImKSLLs6HFntGFQ
Score
1/10
Malware Config
Signatures
-
Checks processor information in registry 2 TTPs 3 IoCs
Processor information is often read in order to detect sandboxing environments.
-
Enumerates system info in registry 2 TTPs 3 IoCs
-
Suspicious behavior: AddClipboardFormatListener 1 IoCs
-
Suspicious use of SetWindowsHookEx 64 IoCs
Processes
-
C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE"C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE" "C:\Users\Admin\AppData\Local\Temp\规范招商引资统计工作通知\兰洽会项目表样.xls"1⤵
- Checks processor information in registry
- Enumerates system info in registry
- Suspicious behavior: AddClipboardFormatListener
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Matrix ATT&CK v6
Replay Monitor
Loading Replay Monitor...
Downloads
-
memory/2580-132-0x00007FF9A2D70000-0x00007FF9A2D80000-memory.dmpFilesize
64KB
-
memory/2580-133-0x00007FF9A2D70000-0x00007FF9A2D80000-memory.dmpFilesize
64KB
-
memory/2580-134-0x00007FF9A2D70000-0x00007FF9A2D80000-memory.dmpFilesize
64KB
-
memory/2580-135-0x00007FF9A2D70000-0x00007FF9A2D80000-memory.dmpFilesize
64KB
-
memory/2580-136-0x00007FF9A2D70000-0x00007FF9A2D80000-memory.dmpFilesize
64KB
-
memory/2580-137-0x00007FF9A0D10000-0x00007FF9A0D20000-memory.dmpFilesize
64KB
-
memory/2580-138-0x00007FF9A0D10000-0x00007FF9A0D20000-memory.dmpFilesize
64KB