Overview

overview

10

Static

static

1

SecuriteIn...86.rtf

windows7-x64

10

SecuriteIn...86.rtf

windows10-2004-x64

1

Analysis

  • max time kernel
    148s
  • max time network
    154s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230703-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230703-enlocale:en-usos:windows10-2004-x64system
  • submitted
    24/08/2023, 09:28

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    SecuriteInfo.com.Exploit.CVE-2018-0798.4.2225.2886.rtf

  • Size

    55KB

  • MD5

    89c1a747633c6879f7e633457d14b78a

  • SHA1

    7c78265b0650dca3b734749b990d3d220ef1f6ff

  • SHA256

    e4acb36fb68cfcaf788ee4ffb0573403cec1d9ef97cd88c122d06b1e5472e176

  • SHA512

    dc3e7fd23847afa967e6e46681648b1e4ddeedc653e0609acfd32e1490fd0a284d1132e205fdf621e6481e033309401451af0e3ea0f4f7ce1dc7adb474b389d4

  • SSDEEP

    1536:3wAlRAvn5D4fG5zxXxC06UXRzjYRsG2u20RtE6a7+x1duhnGtSAOSUIxMv:3wAlmvn5D4iVxCtUXRzjYRsG120RtE6U

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: AddClipboardFormatListener 2 IoCs
  • Suspicious use of SetWindowsHookEx 8 IoCs

Processes

  • C:\Program Files\Microsoft Office\Root\Office16\WINWORD.EXE
    "C:\Program Files\Microsoft Office\Root\Office16\WINWORD.EXE" /n "C:\Users\Admin\AppData\Local\Temp\SecuriteInfo.com.Exploit.CVE-2018-0798.4.2225.2886.rtf" /o ""
    1⤵
    • Suspicious behavior: AddClipboardFormatListener
    • Suspicious use of SetWindowsHookEx
    PID:432

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • memory/432-1-0x00007FFD047D0000-0x00007FFD049C5000-memory.dmp

          Filesize

          2.0MB

          Download

        • memory/432-0-0x00007FFCC4850000-0x00007FFCC4860000-memory.dmp

          Filesize

          64KB

          Download

        • memory/432-3-0x00007FFD047D0000-0x00007FFD049C5000-memory.dmp

          Filesize

          2.0MB

          Download

        • memory/432-2-0x00007FFCC4850000-0x00007FFCC4860000-memory.dmp

          Filesize

          64KB

          Download

        • memory/432-4-0x00007FFCC4850000-0x00007FFCC4860000-memory.dmp

          Filesize

          64KB

          Download

        • memory/432-5-0x00007FFCC4850000-0x00007FFCC4860000-memory.dmp

          Filesize

          64KB

          Download

        • memory/432-6-0x00007FFD047D0000-0x00007FFD049C5000-memory.dmp

          Filesize

          2.0MB

          Download

        • memory/432-7-0x00007FFD047D0000-0x00007FFD049C5000-memory.dmp

          Filesize

          2.0MB

          Download

        • memory/432-8-0x00007FFCC4850000-0x00007FFCC4860000-memory.dmp

          Filesize

          64KB

          Download

        • memory/432-9-0x00007FFD047D0000-0x00007FFD049C5000-memory.dmp

          Filesize

          2.0MB

          Download

        • memory/432-10-0x00007FFD047D0000-0x00007FFD049C5000-memory.dmp

          Filesize

          2.0MB

          Download

        • memory/432-11-0x00007FFD047D0000-0x00007FFD049C5000-memory.dmp

          Filesize

          2.0MB

          Download

        • memory/432-12-0x00007FFD047D0000-0x00007FFD049C5000-memory.dmp

          Filesize

          2.0MB

          Download

        • memory/432-13-0x00007FFD047D0000-0x00007FFD049C5000-memory.dmp

          Filesize

          2.0MB

          Download

        • memory/432-14-0x00007FFD047D0000-0x00007FFD049C5000-memory.dmp

          Filesize

          2.0MB

          Download

        • memory/432-15-0x00007FFD047D0000-0x00007FFD049C5000-memory.dmp

          Filesize

          2.0MB

          Download

        • memory/432-16-0x00007FFCC1EF0000-0x00007FFCC1F00000-memory.dmp

          Filesize

          64KB

          Download

        • memory/432-17-0x00007FFCC1EF0000-0x00007FFCC1F00000-memory.dmp

          Filesize

          64KB

          Download

        • memory/432-21-0x00007FFD047D0000-0x00007FFD049C5000-memory.dmp

          Filesize

          2.0MB

          Download

        • memory/432-22-0x00007FFD047D0000-0x00007FFD049C5000-memory.dmp

          Filesize

          2.0MB

          Download

        • memory/432-23-0x00007FFD047D0000-0x00007FFD049C5000-memory.dmp

          Filesize

          2.0MB

          Download

        • memory/432-24-0x00007FFD047D0000-0x00007FFD049C5000-memory.dmp

          Filesize

          2.0MB

          Download

        • memory/432-52-0x00007FFCC4850000-0x00007FFCC4860000-memory.dmp

          Filesize

          64KB

          Download

        • memory/432-54-0x00007FFCC4850000-0x00007FFCC4860000-memory.dmp

          Filesize

          64KB

          Download

        • memory/432-57-0x00007FFD047D0000-0x00007FFD049C5000-memory.dmp

          Filesize

          2.0MB

          Download

        • memory/432-56-0x00007FFCC4850000-0x00007FFCC4860000-memory.dmp

          Filesize

          64KB

          Download

        • memory/432-55-0x00007FFD047D0000-0x00007FFD049C5000-memory.dmp

          Filesize

          2.0MB

          Download

        • memory/432-53-0x00007FFCC4850000-0x00007FFCC4860000-memory.dmp

          Filesize

          64KB

          Download

        • memory/432-58-0x00007FFD047D0000-0x00007FFD049C5000-memory.dmp

          Filesize

          2.0MB

          Download

        • memory/432-59-0x00007FFD047D0000-0x00007FFD049C5000-memory.dmp

          Filesize

          2.0MB

          Download