Overview

overview

1

Static

static

3fbbdcd200...00.xls

windows7-x64

1

3fbbdcd200...00.xls

windows10-2004-x64

1

Analysis

  • max time kernel
    179s
  • max time network
    225s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20221111-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20221111-enlocale:en-usos:windows10-2004-x64system
  • submitted
    25-11-2022 19:22

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    3fbbdcd2002c3b1193bb008e373eebe32fb9d6abfa019b6d10e9a62726bed800.xls

  • Size

    30KB

  • MD5

    014d5922485f1764f7ec3807e394e458

  • SHA1

    a890b6f8d2ee125252ce2935d69d9f89098d6684

  • SHA256

    3fbbdcd2002c3b1193bb008e373eebe32fb9d6abfa019b6d10e9a62726bed800

  • SHA512

    e8ee8933292d4392515b51b7241ca6605d3f037503b524a290fa139451055e45940aca7964ce797828a504ea510de3558a8731d54af6cf11a7230f02f7399396

  • SSDEEP

    768:0ttttB9oJR2OqYOJkzP7X6U5yWyVhIDxAe+j1:0ttttB9oZ5yWyVCVM

Score
1/10

Malware Config

Signatures

  • Checks processor information in registry 2 TTPs 3 IoCs

    Processor information is often read in order to detect sandboxing environments.

  • Enumerates system info in registry 2 TTPs 3 IoCs
  • Suspicious behavior: AddClipboardFormatListener 1 IoCs
  • Suspicious use of SetWindowsHookEx 14 IoCs

Processes

  • C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE
    "C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE" "C:\Users\Admin\AppData\Local\Temp\3fbbdcd2002c3b1193bb008e373eebe32fb9d6abfa019b6d10e9a62726bed800.xls"
    1⤵
    • Checks processor information in registry
    • Enumerates system info in registry
    • Suspicious behavior: AddClipboardFormatListener
    • Suspicious use of SetWindowsHookEx
    PID:2376

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/2376-132-0x00007FF9A5870000-0x00007FF9A5880000-memory.dmp
    Filesize

    64KB

    Download
  • memory/2376-133-0x00007FF9A5870000-0x00007FF9A5880000-memory.dmp
    Filesize

    64KB

    Download
  • memory/2376-134-0x00007FF9A5870000-0x00007FF9A5880000-memory.dmp
    Filesize

    64KB

    Download
  • memory/2376-135-0x00007FF9A5870000-0x00007FF9A5880000-memory.dmp
    Filesize

    64KB

    Download
  • memory/2376-136-0x00007FF9A5870000-0x00007FF9A5880000-memory.dmp
    Filesize

    64KB

    Download
  • memory/2376-137-0x00007FF9A32E0000-0x00007FF9A32F0000-memory.dmp
    Filesize

    64KB

    Download
  • memory/2376-138-0x00007FF9A32E0000-0x00007FF9A32F0000-memory.dmp
    Filesize

    64KB

    Download
  • memory/2376-155-0x00007FF9A5870000-0x00007FF9A5880000-memory.dmp
    Filesize

    64KB

    Download
  • memory/2376-157-0x00007FF9A5870000-0x00007FF9A5880000-memory.dmp
    Filesize

    64KB

    Download
  • memory/2376-156-0x00007FF9A5870000-0x00007FF9A5880000-memory.dmp
    Filesize

    64KB

    Download
  • memory/2376-158-0x00007FF9A5870000-0x00007FF9A5880000-memory.dmp
    Filesize

    64KB

    Download