Overview

overview

10

Static

static

7

b3ee8c90d9...f2.apk

android-9-x86

10

b3ee8c90d9...f2.apk

android-10-x64

10

b3ee8c90d9...f2.apk

android-11-x64

10

cupcake.xml

windows7-x64

1

cupcake.xml

windows10-2004-x64

3

default_paper_1.xml

windows7-x64

1

default_paper_1.xml

windows10-2004-x64

3

default_paper_2.xml

windows7-x64

1

default_paper_2.xml

windows10-2004-x64

3

default_paper_3.xml

windows7-x64

1

default_paper_3.xml

windows10-2004-x64

3

default_sh...le.xml

windows7-x64

1

default_sh...le.xml

windows10-2004-x64

3

default_sh...rt.xml

windows7-x64

1

default_sh...rt.xml

windows10-2004-x64

3

default_sh...mb.xml

windows7-x64

1

default_sh...mb.xml

windows10-2004-x64

3

default_sh...re.xml

windows7-x64

1

default_sh...re.xml

windows10-2004-x64

3

default_sh...ar.xml

windows7-x64

1

default_sh...ar.xml

windows10-2004-x64

3

default_sh..._2.xml

windows7-x64

1

default_sh..._2.xml

windows10-2004-x64

3

default_sh...le.xml

windows7-x64

1

default_sh...le.xml

windows10-2004-x64

3

default_shape_x.xml

windows7-x64

1

default_shape_x.xml

windows10-2004-x64

3

diamond.xml

windows7-x64

1

diamond.xml

windows10-2004-x64

3

drops.xml

windows7-x64

1

drops.xml

windows10-2004-x64

3

elephant.xml

windows7-x64

1

Analysis

  • max time kernel
    143s
  • max time network
    145s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230703-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230703-enlocale:en-usos:windows10-2004-x64system
  • submitted
    17-07-2023 15:58

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    default_paper_1.xml

  • Size

    12KB

  • MD5

    9658960830d456b89affd96265707a65

  • SHA1

    39db85b2a68f9f96fa568b81c19b15156cc245b0

  • SHA256

    9f1cf380d0fa625dabe9fea026f517d1872a4eeca02ed75273347f6c25aa7cb6

  • SHA512

    5ae4e9c5b05368fbb1cef7f9d54dc6b8589726a14e291858878179b2612f3be308b6f2c667975cdedf551d653f3fd62f48635464d909d79f07545cd868745859

  • SSDEEP

    384:n8+jVDo8rIih2YqCPkquAOjOPL274icc8:HjO8MipvnS7+c8

Score
3/10

Malware Config

Signatures

  • Program crash 1 IoCs

Processes

  • C:\Program Files\Microsoft Office\Root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\MSOXMLED.EXE
    "C:\Program Files\Microsoft Office\Root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\MSOXMLED.EXE" /verb open "C:\Users\Admin\AppData\Local\Temp\default_paper_1.xml"
    1⤵
      PID:2096
      • C:\Windows\system32\WerFault.exe
        C:\Windows\system32\WerFault.exe -u -p 2096 -s 448
        2⤵
        • Program crash
        PID:4336
    • C:\Windows\system32\WerFault.exe
      C:\Windows\system32\WerFault.exe -pss -s 408 -p 2096 -ip 2096
      1⤵
        PID:3776

      Network

      MITRE ATT&CK Matrix

      Replay Monitor

      Loading Replay Monitor...

      Downloads

      • memory/2096-134-0x00007FF9971F0000-0x00007FF9973E5000-memory.dmp

        Filesize

        2.0MB

        Download

      • memory/2096-133-0x00007FF957270000-0x00007FF957280000-memory.dmp

        Filesize

        64KB

        Download

      • memory/2096-135-0x00007FF9971F0000-0x00007FF9973E5000-memory.dmp

        Filesize

        2.0MB

        Download

      • memory/2096-136-0x00007FF9971F0000-0x00007FF9973E5000-memory.dmp

        Filesize

        2.0MB

        Download

      • memory/2096-137-0x00007FF994C40000-0x00007FF994F09000-memory.dmp

        Filesize

        2.8MB

        Download

      • memory/2096-138-0x00007FF957270000-0x00007FF957280000-memory.dmp

        Filesize

        64KB

        Download

      • memory/2096-139-0x00007FF9971F0000-0x00007FF9973E5000-memory.dmp

        Filesize

        2.0MB

        Download