4de715cc8efe759c913068845833cf69bc46e3ab96ce6ee9a005468638b4415a

Analysis

max time kernel
136s
max time network
162s
platform
windows10-2004_x64
resource
win10v2004-20230824-en
resource tags

arch:x64arch:x86image:win10v2004-20230824-enlocale:en-usos:windows10-2004-x64system
submitted
26/08/2023, 14:28

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

4de715cc8efe759c913068845833cf69bc46e3ab96ce6ee9a005468638b4415a_JC.xlam
Size

599KB
MD5

f383adacdac479322a5c37c90edf8162
SHA1

d3bf7075832e55aabe76f5256d58bb45f18f9704
SHA256

4de715cc8efe759c913068845833cf69bc46e3ab96ce6ee9a005468638b4415a
SHA512

0f73a5b978e3f27a43abd1bb2a3bc6a9ae04a11c5ac98ed180c60f31416080a49f0c0d194eb0bc14c0db9585e382cd4e7e471647bbc62a9d9e6ff570bebae481
SSDEEP

12288:EEnW3raLk/10xzHtsYpjRLh4Oj0zkRaFwGy5OQPF5EGfeKLRh:NZXFOYpjh+I0gR/MQP3Jfeo

Score

1^/10

Malware Config

Signatures

Suspicious behavior: AddClipboardFormatListener 1 IoCs

pid	Process
2592	EXCEL.EXE

Suspicious use of FindShellTrayWindow 2 IoCs

pid	Process
2592	EXCEL.EXE
2592	EXCEL.EXE

Suspicious use of SetWindowsHookEx 8 IoCs

pid	Process
2592	EXCEL.EXE
2592	EXCEL.EXE
2592	EXCEL.EXE
2592	EXCEL.EXE
2592	EXCEL.EXE
2592	EXCEL.EXE
2592	EXCEL.EXE
2592	EXCEL.EXE

C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE
"C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE" "C:\Users\Admin\AppData\Local\Temp\4de715cc8efe759c913068845833cf69bc46e3ab96ce6ee9a005468638b4415a_JC.xlam"
1⤵
- Suspicious behavior: AddClipboardFormatListener
- Suspicious use of FindShellTrayWindow
- Suspicious use of SetWindowsHookEx
PID:2592

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/2592-1-0x00007FFFF6E10000-0x00007FFFF7005000-memory.dmp

Filesize
2.0MB

Download
memory/2592-0-0x00007FFFB6E90000-0x00007FFFB6EA0000-memory.dmp

Filesize
64KB

Download
memory/2592-2-0x00007FFFB6E90000-0x00007FFFB6EA0000-memory.dmp

Filesize
64KB

Download
memory/2592-5-0x00007FFFF6E10000-0x00007FFFF7005000-memory.dmp

Filesize
2.0MB

Download
memory/2592-4-0x00007FFFF6E10000-0x00007FFFF7005000-memory.dmp

Filesize
2.0MB

Download
memory/2592-3-0x00007FFFB6E90000-0x00007FFFB6EA0000-memory.dmp

Filesize
64KB

Download
memory/2592-7-0x00007FFFB6E90000-0x00007FFFB6EA0000-memory.dmp

Filesize
64KB

Download
memory/2592-8-0x00007FFFB6E90000-0x00007FFFB6EA0000-memory.dmp

Filesize
64KB

Download
memory/2592-9-0x00007FFFF6E10000-0x00007FFFF7005000-memory.dmp

Filesize
2.0MB

Download
memory/2592-6-0x00007FFFF6E10000-0x00007FFFF7005000-memory.dmp

Filesize
2.0MB

Download
memory/2592-10-0x00007FFFF6E10000-0x00007FFFF7005000-memory.dmp

Filesize
2.0MB

Download
memory/2592-11-0x00007FFFF6E10000-0x00007FFFF7005000-memory.dmp

Filesize
2.0MB

Download
memory/2592-12-0x00007FFFF6E10000-0x00007FFFF7005000-memory.dmp

Filesize
2.0MB

Download
memory/2592-13-0x00007FFFF6E10000-0x00007FFFF7005000-memory.dmp

Filesize
2.0MB

Download
memory/2592-14-0x00007FFFB4690000-0x00007FFFB46A0000-memory.dmp

Filesize
64KB

Download
memory/2592-15-0x00007FFFF6E10000-0x00007FFFF7005000-memory.dmp

Filesize
2.0MB

Download
memory/2592-16-0x00007FFFF6E10000-0x00007FFFF7005000-memory.dmp

Filesize
2.0MB

Download
memory/2592-17-0x00007FFFF6E10000-0x00007FFFF7005000-memory.dmp

Filesize
2.0MB

Download
memory/2592-18-0x00007FFFF6E10000-0x00007FFFF7005000-memory.dmp

Filesize
2.0MB

Download
memory/2592-19-0x00007FFFF6E10000-0x00007FFFF7005000-memory.dmp

Filesize
2.0MB

Download
memory/2592-21-0x00007FFFB4690000-0x00007FFFB46A0000-memory.dmp

Filesize
64KB

Download
memory/2592-22-0x00007FFFF6E10000-0x00007FFFF7005000-memory.dmp

Filesize
2.0MB

Download
memory/2592-23-0x00007FFFF6E10000-0x00007FFFF7005000-memory.dmp

Filesize
2.0MB

Download
memory/2592-24-0x00007FFFF6E10000-0x00007FFFF7005000-memory.dmp

Filesize
2.0MB

Download
memory/2592-25-0x00007FFFF6E10000-0x00007FFFF7005000-memory.dmp

Filesize
2.0MB

Download
memory/2592-26-0x00007FFFF6E10000-0x00007FFFF7005000-memory.dmp

Filesize
2.0MB

Download
memory/2592-27-0x00007FFFF6E10000-0x00007FFFF7005000-memory.dmp

Filesize
2.0MB

Download
memory/2592-28-0x00007FFFF6E10000-0x00007FFFF7005000-memory.dmp

Filesize
2.0MB

Download
memory/2592-29-0x00007FFFF6E10000-0x00007FFFF7005000-memory.dmp

Filesize
2.0MB

Download
memory/2592-30-0x00007FFFF6E10000-0x00007FFFF7005000-memory.dmp

Filesize
2.0MB

Download
memory/2592-31-0x00007FFFF6E10000-0x00007FFFF7005000-memory.dmp

Filesize
2.0MB

Download
memory/2592-32-0x00007FFFF6E10000-0x00007FFFF7005000-memory.dmp

Filesize
2.0MB

Download
memory/2592-33-0x00007FFFF6E10000-0x00007FFFF7005000-memory.dmp

Filesize
2.0MB

Download
memory/2592-34-0x00007FFFF6E10000-0x00007FFFF7005000-memory.dmp

Filesize
2.0MB

Download
memory/2592-35-0x00007FFFF6E10000-0x00007FFFF7005000-memory.dmp

Filesize
2.0MB

Download
memory/2592-36-0x00007FFFF6E10000-0x00007FFFF7005000-memory.dmp

Filesize
2.0MB

Download
memory/2592-37-0x00007FFFF6E10000-0x00007FFFF7005000-memory.dmp

Filesize
2.0MB

Download
memory/2592-38-0x00007FFFF6E10000-0x00007FFFF7005000-memory.dmp

Filesize
2.0MB

Download
memory/2592-56-0x00007FFFB6E90000-0x00007FFFB6EA0000-memory.dmp

Filesize
64KB

Download
memory/2592-58-0x00007FFFB6E90000-0x00007FFFB6EA0000-memory.dmp

Filesize
64KB

Download
memory/2592-57-0x00007FFFB6E90000-0x00007FFFB6EA0000-memory.dmp

Filesize
64KB

Download
memory/2592-59-0x00007FFFF6E10000-0x00007FFFF7005000-memory.dmp

Filesize
2.0MB

Download
memory/2592-60-0x00007FFFB6E90000-0x00007FFFB6EA0000-memory.dmp

Filesize
64KB

Download
memory/2592-61-0x00007FFFF6E10000-0x00007FFFF7005000-memory.dmp

Filesize
2.0MB

Download
memory/2592-62-0x00007FFFF6E10000-0x00007FFFF7005000-memory.dmp

Filesize
2.0MB

Download
memory/2592-63-0x00007FFFF6E10000-0x00007FFFF7005000-memory.dmp

Filesize
2.0MB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads