Analysis
-
max time kernel
179s -
max time network
238s -
platform
windows10-2004_x64 -
resource
win10v2004-20221111-en -
resource tags
-
submitted
25-11-2022 19:34
General
-
Target
综布标准模版(附CAD图)/综布标准模版(附CAD图)/综合布线标准模板.doc
-
Size
265KB
-
MD5
780d838bf210f7baadc96bde7aa83eab
-
SHA1
4ab18c4a4f4374b4504f792a7bec7d127098447c
-
SHA256
fe4d50d94926f6513df1a7449450b4cb5ed36bf5cec7f9406cdc043a25feb644
-
SHA512
efb2444ab681ba9e6543b8374e3d3231cc6b7d0bddf873e6e0c024da0322d60de71f5a19db995f7866f4d50e6a770c771ee1d2e94010a40e5751637cb345d8cf
-
SSDEEP
3072:ovUFldNi7QkMrmBoVRcCZxWDptN/+8KoyEg9T7:oo3i7QkvoPZEDp3/1K/9
Score
1/10
Malware Config
Signatures
-
Checks processor information in registry 2 TTPs 3 IoCs
Processor information is often read in order to detect sandboxing environments.
-
Enumerates system info in registry 2 TTPs 3 IoCs
-
Suspicious behavior: AddClipboardFormatListener 2 IoCs
-
Suspicious use of SetWindowsHookEx 17 IoCs
Processes
-
C:\Program Files\Microsoft Office\Root\Office16\WINWORD.EXE"C:\Program Files\Microsoft Office\Root\Office16\WINWORD.EXE" /n "C:\Users\Admin\AppData\Local\Temp\综布标准模版(附CAD图)\综布标准模版(附CAD图)\综合布线标准模板.doc" /o ""1⤵
- Checks processor information in registry
- Enumerates system info in registry
- Suspicious behavior: AddClipboardFormatListener
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v6
Replay Monitor
Loading Replay Monitor...
Downloads
-
memory/1452-132-0x00007FF9A5870000-0x00007FF9A5880000-memory.dmpFilesize
64KB
-
memory/1452-133-0x00007FF9A5870000-0x00007FF9A5880000-memory.dmpFilesize
64KB
-
memory/1452-134-0x00007FF9A5870000-0x00007FF9A5880000-memory.dmpFilesize
64KB
-
memory/1452-135-0x00007FF9A5870000-0x00007FF9A5880000-memory.dmpFilesize
64KB
-
memory/1452-136-0x00007FF9A5870000-0x00007FF9A5880000-memory.dmpFilesize
64KB
-
memory/1452-137-0x00007FF9A32E0000-0x00007FF9A32F0000-memory.dmpFilesize
64KB
-
memory/1452-138-0x00007FF9A32E0000-0x00007FF9A32F0000-memory.dmpFilesize
64KB