Overview

overview

8

Static

static

8

Regulations.doc

windows7-x64

1

Regulations.doc

windows10-2004-x64

1

Analysis

  • max time kernel
    4s
  • platform
    windows7_x64
  • resource
    win7-20230220-en
  • resource tags

    arch:x64arch:x86image:win7-20230220-enlocale:en-usos:windows7-x64system
  • submitted
    25-03-2023 21:31

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Regulations.doc

  • Size

    290KB

  • MD5

    632fd12bde5970402ad44c47964a38ea

  • SHA1

    4660966973896459b262ee829a7ff81665b3958b

  • SHA256

    a715eb5ce9ebef16036dae851a62c8dd16c187e0c48576ae6dcd298872f55c36

  • SHA512

    c6b80a1e7aff0280659d620a9b8929f6de7600b5f849ffa4a341033d73079eb6caf12de426f8ef2c22673244e0caaeb9d848d093f6d590307d6a95eb7c5dbf34

  • SSDEEP

    3072:n9nytLPk8keiNKeWoGjtEID4fd4WIFgwR7mTFA02105VCM7agqCpnUgm:UtjzkKjtEIDCsSTFt2wVCaagqCRUgm

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 9 IoCs
    adwarespyware
  • Suspicious behavior: AddClipboardFormatListener 1 IoCs
  • Suspicious use of SetWindowsHookEx 16 IoCs

Processes

  • C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE
    "C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE" /n "C:\Users\Admin\AppData\Local\Temp\Regulations.doc"
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: AddClipboardFormatListener
    • Suspicious use of SetWindowsHookEx
    PID:1204

Network

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/1204-54-0x000000005FFF0000-0x0000000060000000-memory.dmp
    Filesize

    64KB

    Download