Overview

overview

1

Static

static

1

Tabella WISC IV .xls

windows7-x64

1

Tabella WISC IV .xls

windows10-2004-x64

1

Analysis

  • max time kernel
    61s
  • max time network
    32s
  • platform
    windows7_x64
  • resource
    win7-20230703-it
  • resource tags

    arch:x64arch:x86image:win7-20230703-itlocale:it-itos:windows7-x64systemwindows
  • submitted
    04/07/2023, 08:41

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Tabella WISC IV .xls

  • Size

    217KB

  • MD5

    ab508b6d05770193801612fec08c4306

  • SHA1

    b5b8f0813c9d89e61c0cf86ab2a222cd54cc5af0

  • SHA256

    bbc12b05e82f2037de360449cd485c68a09cfd89270855e7650b102f859a29e0

  • SHA512

    b5f83a6344691d1e6dba6379d9d572cd9125945409ae610e48df0dd51afb54647ce568bc9060c13ad8b64a51eeebe7449c4867256c78e328ab52de24f304161c

  • SSDEEP

    6144:4YwngDWE2uUtffTOzYFpqlTsG3IBu0sw:4HyWE2uUZzFv/Bu

Score
1/10

Malware Config

Signatures

  • Office loads VBA resources, possible macro or embedded object present
  • Enumerates system info in registry 2 TTPs 1 IoCs
  • Suspicious behavior: AddClipboardFormatListener 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE
    "C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE" /dde "C:\Users\Admin\AppData\Local\Temp\Tabella WISC IV .xls"
    1⤵
    • Enumerates system info in registry
    • Suspicious behavior: AddClipboardFormatListener
    • Suspicious use of SetWindowsHookEx
    PID:2200

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/2200-54-0x000000005FFF0000-0x0000000060000000-memory.dmp

    Filesize

    64KB

    Download

  • memory/2200-55-0x0000000002FE0000-0x00000000030E0000-memory.dmp

    Filesize

    1024KB

    Download