Overview

overview

8

Static

static

8

P10_Return_XLS.xls

windows7-x64

1

P10_Return_XLS.xls

windows10-2004-x64

1

Analysis

  • max time kernel
    148s
  • max time network
    125s
  • platform
    windows7_x64
  • resource
    win7-20230712-en
  • resource tags

    arch:x64arch:x86image:win7-20230712-enlocale:en-usos:windows7-x64system
  • submitted
    05-08-2023 09:54

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    P10_Return_XLS.xls

  • Size

    4.3MB

  • MD5

    504ae0911586df80721873efcd8fee16

  • SHA1

    2cb9d3d72fb2ed4dd7d69774f9132df013b7e270

  • SHA256

    285aeb7be25058b48c82a45a0989dbb916e918aaaa3dbae02c1af67b45a10523

  • SHA512

    305f8eccdec3a12526cb5384898c134028e16eb703bf5be983e5abafcb1523d1d0f8ec0b44644856b3982c6c5a36eb5e3a1ca9a52441a4a554be71a08730c604

  • SSDEEP

    98304:vPe/wk3JRWDsNpgLB6zMKs4oKYSiWb4B3ARnN+lJvL+M:vPaJRWQNpgLB6zMKs4oKYSiWb4B3ARnC

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: AddClipboardFormatListener 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE
    "C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE" /dde C:\Users\Admin\AppData\Local\Temp\P10_Return_XLS.xls
    1⤵
    • Suspicious behavior: AddClipboardFormatListener
    • Suspicious use of SetWindowsHookEx
    PID:1412

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/1412-54-0x000000005FFF0000-0x0000000060000000-memory.dmp

    Filesize

    64KB

    Download

  • memory/1412-55-0x0000000073B9D000-0x0000000073BA8000-memory.dmp

    Filesize

    44KB

    Download

  • memory/1412-56-0x00000000004B0000-0x00000000005B0000-memory.dmp

    Filesize

    1024KB

    Download

  • memory/1412-57-0x00000000004B0000-0x00000000005B0000-memory.dmp

    Filesize

    1024KB

    Download

  • memory/1412-58-0x00000000004B0000-0x00000000005B0000-memory.dmp

    Filesize

    1024KB

    Download

  • memory/1412-59-0x00000000004B0000-0x00000000005B0000-memory.dmp

    Filesize

    1024KB

    Download

  • memory/1412-60-0x00000000004B0000-0x00000000005B0000-memory.dmp

    Filesize

    1024KB

    Download

  • memory/1412-61-0x00000000004B0000-0x00000000005B0000-memory.dmp

    Filesize

    1024KB

    Download

  • memory/1412-62-0x00000000004B0000-0x00000000005B0000-memory.dmp

    Filesize

    1024KB

    Download

  • memory/1412-63-0x00000000004B0000-0x00000000005B0000-memory.dmp

    Filesize

    1024KB

    Download

  • memory/1412-64-0x00000000004B0000-0x00000000005B0000-memory.dmp

    Filesize

    1024KB

    Download

  • memory/1412-65-0x00000000004B0000-0x00000000005B0000-memory.dmp

    Filesize

    1024KB

    Download

  • memory/1412-66-0x00000000004B0000-0x00000000005B0000-memory.dmp

    Filesize

    1024KB

    Download

  • memory/1412-67-0x00000000004B0000-0x00000000005B0000-memory.dmp

    Filesize

    1024KB

    Download

  • memory/1412-68-0x00000000004B0000-0x00000000005B0000-memory.dmp

    Filesize

    1024KB

    Download

  • memory/1412-69-0x00000000004B0000-0x00000000005B0000-memory.dmp

    Filesize

    1024KB

    Download

  • memory/1412-71-0x00000000004B0000-0x00000000005B0000-memory.dmp

    Filesize

    1024KB

    Download

  • memory/1412-70-0x00000000004B0000-0x00000000005B0000-memory.dmp

    Filesize

    1024KB

    Download

  • memory/1412-72-0x00000000004B0000-0x00000000005B0000-memory.dmp

    Filesize

    1024KB

    Download

  • memory/1412-73-0x00000000004B0000-0x00000000005B0000-memory.dmp

    Filesize

    1024KB

    Download

  • memory/1412-74-0x00000000004B0000-0x00000000005B0000-memory.dmp

    Filesize

    1024KB

    Download

  • memory/1412-75-0x00000000004B0000-0x00000000005B0000-memory.dmp

    Filesize

    1024KB

    Download

  • memory/1412-76-0x00000000004B0000-0x00000000005B0000-memory.dmp

    Filesize

    1024KB

    Download

  • memory/1412-77-0x0000000007210000-0x0000000007610000-memory.dmp

    Filesize

    4.0MB

    Download

  • memory/1412-78-0x0000000007210000-0x0000000007610000-memory.dmp

    Filesize

    4.0MB

    Download

  • memory/1412-79-0x0000000007210000-0x0000000007610000-memory.dmp

    Filesize

    4.0MB

    Download

  • memory/1412-80-0x0000000007210000-0x0000000007610000-memory.dmp

    Filesize

    4.0MB

    Download

  • memory/1412-82-0x0000000007210000-0x0000000007610000-memory.dmp

    Filesize

    4.0MB

    Download

  • memory/1412-81-0x0000000007210000-0x0000000007610000-memory.dmp

    Filesize

    4.0MB

    Download

  • memory/1412-83-0x0000000007210000-0x0000000007610000-memory.dmp

    Filesize

    4.0MB

    Download

  • memory/1412-84-0x0000000007210000-0x0000000007610000-memory.dmp

    Filesize

    4.0MB

    Download

  • memory/1412-85-0x0000000007210000-0x0000000007610000-memory.dmp

    Filesize

    4.0MB

    Download

  • memory/1412-86-0x0000000007210000-0x0000000007610000-memory.dmp

    Filesize

    4.0MB

    Download

  • memory/1412-87-0x0000000007210000-0x0000000007610000-memory.dmp

    Filesize

    4.0MB

    Download

  • memory/1412-88-0x0000000007210000-0x0000000007610000-memory.dmp

    Filesize

    4.0MB

    Download

  • memory/1412-89-0x0000000007210000-0x0000000007610000-memory.dmp

    Filesize

    4.0MB

    Download

  • memory/1412-91-0x0000000007210000-0x0000000007610000-memory.dmp

    Filesize

    4.0MB

    Download

  • memory/1412-90-0x0000000007210000-0x0000000007610000-memory.dmp

    Filesize

    4.0MB

    Download

  • memory/1412-92-0x0000000007210000-0x0000000007610000-memory.dmp

    Filesize

    4.0MB

    Download

  • memory/1412-93-0x0000000007210000-0x0000000007610000-memory.dmp

    Filesize

    4.0MB

    Download

  • memory/1412-94-0x0000000007210000-0x0000000007610000-memory.dmp

    Filesize

    4.0MB

    Download

  • memory/1412-95-0x0000000007210000-0x0000000007610000-memory.dmp

    Filesize

    4.0MB

    Download

  • memory/1412-96-0x0000000007210000-0x0000000007610000-memory.dmp

    Filesize

    4.0MB

    Download

  • memory/1412-97-0x0000000007210000-0x0000000007610000-memory.dmp

    Filesize

    4.0MB

    Download

  • memory/1412-98-0x0000000007210000-0x0000000007610000-memory.dmp

    Filesize

    4.0MB

    Download

  • memory/1412-101-0x0000000007210000-0x0000000007610000-memory.dmp

    Filesize

    4.0MB

    Download

  • memory/1412-100-0x0000000007210000-0x0000000007610000-memory.dmp

    Filesize

    4.0MB

    Download

  • memory/1412-118-0x0000000007210000-0x0000000007610000-memory.dmp

    Filesize

    4.0MB

    Download

  • memory/1412-117-0x0000000007210000-0x0000000007610000-memory.dmp

    Filesize

    4.0MB

    Download

  • memory/1412-116-0x0000000007210000-0x0000000007610000-memory.dmp

    Filesize

    4.0MB

    Download

  • memory/1412-115-0x0000000007210000-0x0000000007610000-memory.dmp

    Filesize

    4.0MB

    Download

  • memory/1412-114-0x0000000007210000-0x0000000007610000-memory.dmp

    Filesize

    4.0MB

    Download

  • memory/1412-113-0x0000000007210000-0x0000000007610000-memory.dmp

    Filesize

    4.0MB

    Download

  • memory/1412-112-0x0000000007210000-0x0000000007610000-memory.dmp

    Filesize

    4.0MB

    Download

  • memory/1412-111-0x0000000007210000-0x0000000007610000-memory.dmp

    Filesize

    4.0MB

    Download

  • memory/1412-110-0x0000000007210000-0x0000000007610000-memory.dmp

    Filesize

    4.0MB

    Download

  • memory/1412-109-0x0000000007210000-0x0000000007610000-memory.dmp

    Filesize

    4.0MB

    Download

  • memory/1412-108-0x0000000007210000-0x0000000007610000-memory.dmp

    Filesize

    4.0MB

    Download

  • memory/1412-107-0x0000000007210000-0x0000000007610000-memory.dmp

    Filesize

    4.0MB

    Download

  • memory/1412-106-0x0000000007210000-0x0000000007610000-memory.dmp

    Filesize

    4.0MB

    Download

  • memory/1412-105-0x0000000007210000-0x0000000007610000-memory.dmp

    Filesize

    4.0MB

    Download

  • memory/1412-104-0x0000000007210000-0x0000000007610000-memory.dmp

    Filesize

    4.0MB

    Download

  • memory/1412-103-0x0000000007210000-0x0000000007610000-memory.dmp

    Filesize

    4.0MB

    Download

  • memory/1412-102-0x0000000007210000-0x0000000007610000-memory.dmp

    Filesize

    4.0MB

    Download

  • memory/1412-99-0x0000000007210000-0x0000000007610000-memory.dmp

    Filesize

    4.0MB

    Download

  • memory/1412-264-0x0000000073B9D000-0x0000000073BA8000-memory.dmp

    Filesize

    44KB

    Download

  • memory/1412-303-0x0000000007210000-0x0000000007610000-memory.dmp

    Filesize

    4.0MB

    Download

  • memory/1412-313-0x0000000007210000-0x0000000007610000-memory.dmp

    Filesize

    4.0MB

    Download

  • memory/1412-498-0x0000000007210000-0x0000000007610000-memory.dmp

    Filesize

    4.0MB

    Download

  • memory/1412-679-0x0000000007210000-0x0000000007610000-memory.dmp

    Filesize

    4.0MB

    Download

  • memory/1412-859-0x0000000007210000-0x0000000007610000-memory.dmp

    Filesize

    4.0MB

    Download

  • memory/1412-864-0x0000000007210000-0x0000000007610000-memory.dmp

    Filesize

    4.0MB

    Download

  • memory/1412-911-0x0000000007210000-0x0000000007610000-memory.dmp

    Filesize

    4.0MB

    Download

  • memory/1412-1046-0x0000000007210000-0x0000000007610000-memory.dmp

    Filesize

    4.0MB

    Download

  • memory/1412-1097-0x0000000007210000-0x0000000007610000-memory.dmp

    Filesize

    4.0MB

    Download

  • memory/1412-1229-0x0000000007210000-0x0000000007610000-memory.dmp

    Filesize

    4.0MB

    Download

  • memory/1412-1408-0x0000000007210000-0x0000000007610000-memory.dmp

    Filesize

    4.0MB

    Download

  • memory/1412-1590-0x0000000007210000-0x0000000007610000-memory.dmp

    Filesize

    4.0MB

    Download

  • memory/1412-1598-0x0000000007210000-0x0000000007610000-memory.dmp

    Filesize

    4.0MB

    Download