Overview

overview

4

Static

static

1

8f8e290d31...73.rar

windows7-x64

3

8f8e290d31...73.rar

windows10-2004-x64

3

˰־...��.doc

windows7-x64

4

˰־...��.doc

windows10-2004-x64

1

Analysis

  • max time kernel
    142s
  • max time network
    151s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230703-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230703-enlocale:en-usos:windows10-2004-x64system
  • submitted
    24/08/2023, 08:41

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    ˰־˰ 6.14.doc

  • Size

    1.9MB

  • MD5

    2c1e195b5db7a6db9ea90ab1c4e48af4

  • SHA1

    5a7ae143eef06bacd1ee1235fad98a5a42e33034

  • SHA256

    8d0e76bea76e30af1dcaa96133fe055ab1b6a806efd81fadc05d4e3551d99ccd

  • SHA512

    8205e404f12ef4a6a6571bf4ddcbc9cf150e3490096fa1c37cd699fdc69528f6ff413e2857bb1c900ca239fe7c6c97fde0556dfeae98d3efda9cb58571362a77

  • SSDEEP

    49152:QdlNZtptFikZben9cHUKnNEKYomAJX358ZjgS8TqfEjHcus33okI:WlNZN49cniKXJfeypG3okI

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: AddClipboardFormatListener 2 IoCs
  • Suspicious use of SetWindowsHookEx 15 IoCs

Processes

  • C:\Program Files\Microsoft Office\Root\Office16\WINWORD.EXE
    "C:\Program Files\Microsoft Office\Root\Office16\WINWORD.EXE" /n "C:\Users\Admin\AppData\Local\Temp\˰־˰ 6.14.doc" /o ""
    1⤵
    • Suspicious behavior: AddClipboardFormatListener
    • Suspicious use of SetWindowsHookEx
    PID:1228

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Roaming\Microsoft\Templates\~WRD0000.tmp
    Filesize

    23KB

    MD5

    41228f80b7f8ea3f77641a9c0365f0c6

    SHA1

    c7aa1ff1e2fb5a9d7f4bb3edad64098e474d3dd2

    SHA256

    f9e07f94425f19cec1f15401b316b884db7b7ffad317627521addbddc449fc80

    SHA512

    054996aad05df9740affbb5a478ab1d4ca128725aff22cabba20902210933be4444abc7a5f8319e6034ac24888d996cbd0e224a4b47fe72f5f4113696e9ad9f0

    Download Submit

  • memory/1228-0-0x00007FFC636D0000-0x00007FFC636E0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/1228-1-0x00007FFCA3650000-0x00007FFCA3845000-memory.dmp

    Filesize

    2.0MB

    Download

  • memory/1228-2-0x00007FFC636D0000-0x00007FFC636E0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/1228-3-0x00007FFC636D0000-0x00007FFC636E0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/1228-4-0x00007FFCA3650000-0x00007FFCA3845000-memory.dmp

    Filesize

    2.0MB

    Download

  • memory/1228-5-0x00007FFC636D0000-0x00007FFC636E0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/1228-6-0x00007FFC636D0000-0x00007FFC636E0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/1228-7-0x00007FFCA3650000-0x00007FFCA3845000-memory.dmp

    Filesize

    2.0MB

    Download

  • memory/1228-8-0x00007FFCA3650000-0x00007FFCA3845000-memory.dmp

    Filesize

    2.0MB

    Download

  • memory/1228-9-0x00007FFCA3650000-0x00007FFCA3845000-memory.dmp

    Filesize

    2.0MB

    Download

  • memory/1228-10-0x00007FFCA3650000-0x00007FFCA3845000-memory.dmp

    Filesize

    2.0MB

    Download

  • memory/1228-12-0x00007FFC61190000-0x00007FFC611A0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/1228-13-0x00007FFCA3650000-0x00007FFCA3845000-memory.dmp

    Filesize

    2.0MB

    Download

  • memory/1228-11-0x00007FFCA3650000-0x00007FFCA3845000-memory.dmp

    Filesize

    2.0MB

    Download

  • memory/1228-14-0x00007FFCA3650000-0x00007FFCA3845000-memory.dmp

    Filesize

    2.0MB

    Download

  • memory/1228-15-0x00007FFCA3650000-0x00007FFCA3845000-memory.dmp

    Filesize

    2.0MB

    Download

  • memory/1228-16-0x00007FFCA3650000-0x00007FFCA3845000-memory.dmp

    Filesize

    2.0MB

    Download

  • memory/1228-17-0x00007FFCA3650000-0x00007FFCA3845000-memory.dmp

    Filesize

    2.0MB

    Download

  • memory/1228-19-0x00007FFCA3650000-0x00007FFCA3845000-memory.dmp

    Filesize

    2.0MB

    Download

  • memory/1228-20-0x00007FFCA3650000-0x00007FFCA3845000-memory.dmp

    Filesize

    2.0MB

    Download

  • memory/1228-21-0x00007FFCA3650000-0x00007FFCA3845000-memory.dmp

    Filesize

    2.0MB

    Download

  • memory/1228-18-0x00007FFC61190000-0x00007FFC611A0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/1228-23-0x00007FFCA3650000-0x00007FFCA3845000-memory.dmp

    Filesize

    2.0MB

    Download

  • memory/1228-22-0x00007FFCA3650000-0x00007FFCA3845000-memory.dmp

    Filesize

    2.0MB

    Download

  • memory/1228-33-0x0000028FAFA30000-0x0000028FB0A00000-memory.dmp

    Filesize

    15.8MB

    Download

  • memory/1228-42-0x0000028FAFA30000-0x0000028FB0A00000-memory.dmp

    Filesize

    15.8MB

    Download

  • memory/1228-43-0x00007FFCA3650000-0x00007FFCA3845000-memory.dmp

    Filesize

    2.0MB

    Download

  • memory/1228-44-0x0000028FAFA30000-0x0000028FB0A00000-memory.dmp

    Filesize

    15.8MB

    Download

  • memory/1228-45-0x00007FFCA3650000-0x00007FFCA3845000-memory.dmp

    Filesize

    2.0MB

    Download

  • memory/1228-46-0x00007FFCA3650000-0x00007FFCA3845000-memory.dmp

    Filesize

    2.0MB

    Download

  • memory/1228-47-0x00007FFCA3650000-0x00007FFCA3845000-memory.dmp

    Filesize

    2.0MB

    Download

  • memory/1228-48-0x00007FFCA3650000-0x00007FFCA3845000-memory.dmp

    Filesize

    2.0MB

    Download

  • memory/1228-49-0x00007FFCA3650000-0x00007FFCA3845000-memory.dmp

    Filesize

    2.0MB

    Download

  • memory/1228-50-0x00007FFCA3650000-0x00007FFCA3845000-memory.dmp

    Filesize

    2.0MB

    Download

  • memory/1228-51-0x00007FFCA3650000-0x00007FFCA3845000-memory.dmp

    Filesize

    2.0MB

    Download

  • memory/1228-52-0x00007FFCA3650000-0x00007FFCA3845000-memory.dmp

    Filesize

    2.0MB

    Download

  • memory/1228-53-0x00007FFCA3650000-0x00007FFCA3845000-memory.dmp

    Filesize

    2.0MB

    Download

  • memory/1228-54-0x00007FFCA3650000-0x00007FFCA3845000-memory.dmp

    Filesize

    2.0MB

    Download

  • memory/1228-58-0x0000028FAFA30000-0x0000028FB0A00000-memory.dmp

    Filesize

    15.8MB

    Download

  • memory/1228-59-0x00007FFCA3650000-0x00007FFCA3845000-memory.dmp

    Filesize

    2.0MB

    Download

  • memory/1228-63-0x0000028FAFA30000-0x0000028FB0A00000-memory.dmp

    Filesize

    15.8MB

    Download

  • memory/1228-64-0x0000028FAFA30000-0x0000028FB0A00000-memory.dmp

    Filesize

    15.8MB

    Download

  • memory/1228-65-0x0000028FAFA30000-0x0000028FB0A00000-memory.dmp

    Filesize

    15.8MB

    Download

  • memory/1228-66-0x0000028FAFA30000-0x0000028FB0A00000-memory.dmp

    Filesize

    15.8MB

    Download

  • memory/1228-98-0x00007FFC636D0000-0x00007FFC636E0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/1228-99-0x00007FFC636D0000-0x00007FFC636E0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/1228-102-0x00007FFCA3650000-0x00007FFCA3845000-memory.dmp

    Filesize

    2.0MB

    Download

  • memory/1228-101-0x00007FFC636D0000-0x00007FFC636E0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/1228-103-0x00007FFCA3650000-0x00007FFCA3845000-memory.dmp

    Filesize

    2.0MB

    Download

  • memory/1228-104-0x00007FFCA3650000-0x00007FFCA3845000-memory.dmp

    Filesize

    2.0MB

    Download

  • memory/1228-100-0x00007FFC636D0000-0x00007FFC636E0000-memory.dmp

    Filesize

    64KB

    Download