Analysis
max time kernel
124s
max time network
137s
platform
windows10-2004_x64
resource
win10v2004-20230703-en
resource tags
arch:x64 arch:x86 image:win10v2004-20230703-en locale:en-us os:windows10-2004-x64 system
submitted
23/08/2023, 11:10
Behavioral task
behavioral1
Sample
12334a40680a030287e4cea05814bd6ab05e3b2f2a62aec82fc6361cc829c702.dotm
Resource
win7-20230712-en
Behavioral task
behavioral2
Sample
12334a40680a030287e4cea05814bd6ab05e3b2f2a62aec82fc6361cc829c702.dotm
Resource
win10v2004-20230703-en
General
Target
12334a40680a030287e4cea05814bd6ab05e3b2f2a62aec82fc6361cc829c702.dotm
Size
88KB
MD5
549b22eeb538376e7b2c63f30f137075
SHA1
9aaef66898d85b521529e3894ddf36cf09956534
SHA256
12334a40680a030287e4cea05814bd6ab05e3b2f2a62aec82fc6361cc829c702
SHA512
60bc2aab14648d674b64fe0a08da5da748e45ae4e3f92976ee306be6be0ded56f42d8dc05e0952cd967e3e1388e9b8f3f456d4aa9a98919a153465bb4a678211
SSDEEP
1536:ShmtdtKPA0eNmWq5vYm8y69aUMBjyTxFBKozOPndxOxDJBoPJv130SE3F:SEjJ0eO5b8ynUMBudFBsjOXBoPJv130F
Malware Config
Signatures
Suspicious behavior: AddClipboardFormatListener 2 IoCs
pid Process
2932 WINWORD.EXE
2932 WINWORD.EXE
Suspicious use of SetWindowsHookEx 7 IoCs
pid Process
2932 WINWORD.EXE
2932 WINWORD.EXE
2932 WINWORD.EXE
2932 WINWORD.EXE
2932 WINWORD.EXE
2932 WINWORD.EXE
2932 WINWORD.EXE
Processes
C:\Program Files\Microsoft Office\Root\Office16\WINWORD.EXE
"C:\Program Files\Microsoft Office\Root\Office16\WINWORD.EXE" /n "C:\Users\Admin\AppData\Local\Temp\12334a40680a030287e4cea05814bd6ab05e3b2f2a62aec82fc6361cc829c702.dotm" /o ""
- Suspicious behavior: AddClipboardFormatListener
- Suspicious use of SetWindowsHookEx
PID:2932