Analysis

  • max time kernel
    122s
  • max time network
    124s
  • platform
    windows7_x64
  • resource
    win7-20230712-en
  • resource tags

    arch:x64, arch:x86, image:win7-20230712-en, locale:en-us, os:windows7-x64, system
  • submitted
    03/08/2023, 06:45

General

  • Target

    Request for Quotation.xlam

  • Size

    7KB

  • MD5

    678653ff8c8e73a2ff4b1f7ee59850a6

  • SHA1

    72fc5b0ecbabc795eadf2655a2fd44018b605172

  • SHA256

    3feefe7fb289c78a71021ffd49ceaaf130f59cc834f78c1615f341a8aa6adb13

  • SHA512

    c1291388f4a3f1686d2d10639f2e2fb695aa9147c9a7713c31248282a30903360c8b54f30fa4d589a77ae8e1639080680b6abb8e5d340d64d6825de33174e8d6

  • SSDEEP

    96:lRHCjPyqWbVvfh4YcTjGMhVVCvkwQEeGIRf3UNa52ZUPD9lhdLootsYuL9yx9xP3:lRijGB4LqOV8vdQjmoP5JL4YugdDy0

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: AddClipboardFormatListener 1 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs

Processes

  • C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE
    "C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE" /dde "C:\Users\Admin\AppData\Local\Temp\Request for Quotation.xlam"
    • Suspicious behavior: AddClipboardFormatListener
    • Suspicious use of SetWindowsHookEx
    PID:2564

Network

        MITRE ATT&CK Matrix

        Downloads

        • memory/2564-54-0x000000005FFF0000-0x0000000060000000-memory.dmp

          Filesize

          64KB

        • memory/2564-55-0x00000000738FD000-0x0000000073908000-memory.dmp

          Filesize

          44KB

        • memory/2564-58-0x00000000738FD000-0x0000000073908000-memory.dmp

          Filesize

          44KB

        • memory/2564-60-0x000000005FFF0000-0x0000000060000000-memory.dmp

          Filesize

          64KB

        • memory/2564-61-0x00000000738FD000-0x0000000073908000-memory.dmp

          Filesize

          44KB