Overview

overview

10

Static

static

1

List CDQ17...3.xlam

windows7-x64

10

List CDQ17...3.xlam

windows10-2004-x64

1

Analysis

  • max time kernel
    141s
  • max time network
    147s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230703-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230703-enlocale:en-usos:windows10-2004-x64system
  • submitted
    30-08-2023 05:57

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    List CDQ170423Q22023.xlam

  • Size

    694KB

  • MD5

    5a1c7978a1ef65ba901b4e5e8a9caee1

  • SHA1

    fb90144af9df223483577869d16de13ece9cb928

  • SHA256

    b136b1ae5839a5b1cff1d8eca50779a3b48f5c524a8f5a1e523e672a06da025d

  • SHA512

    f7fe5fbcea40ebc30f39da7200a74561fe0804583d02011b7bee54b9d77a0486964204ee5dae82ed7540fc671970d49ec5226f565d342cb6fe92ab2fc072b2a9

  • SSDEEP

    12288:aDMpuwZB5TZ4Soty1O3DvW3KJ8i45JoRbf69tj0YU7CuPmXHRLzo1/dhkh6p8Vks:wMpuw/5Td8WIiurKU7nO3ZWdhU6p8Vt

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: AddClipboardFormatListener 1 IoCs
  • Suspicious use of FindShellTrayWindow 2 IoCs
  • Suspicious use of SetWindowsHookEx 8 IoCs

Processes

  • C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE
    "C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE" "C:\Users\Admin\AppData\Local\Temp\List CDQ170423Q22023.xlam"
    1⤵
    • Suspicious behavior: AddClipboardFormatListener
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    PID:4108

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/4108-1-0x00007FF9DC470000-0x00007FF9DC665000-memory.dmp

    Filesize

    2.0MB

    Download

  • memory/4108-0-0x00007FF99C4F0000-0x00007FF99C500000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4108-2-0x00007FF99C4F0000-0x00007FF99C500000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4108-4-0x00007FF9DC470000-0x00007FF9DC665000-memory.dmp

    Filesize

    2.0MB

    Download

  • memory/4108-6-0x00007FF9DC470000-0x00007FF9DC665000-memory.dmp

    Filesize

    2.0MB

    Download

  • memory/4108-7-0x00007FF99C4F0000-0x00007FF99C500000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4108-5-0x00007FF99C4F0000-0x00007FF99C500000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4108-3-0x00007FF99C4F0000-0x00007FF99C500000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4108-8-0x00007FF9DC470000-0x00007FF9DC665000-memory.dmp

    Filesize

    2.0MB

    Download

  • memory/4108-9-0x00007FF9DC470000-0x00007FF9DC665000-memory.dmp

    Filesize

    2.0MB

    Download

  • memory/4108-10-0x00007FF99A0F0000-0x00007FF99A100000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4108-11-0x00007FF99A0F0000-0x00007FF99A100000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4108-13-0x00007FF9DC470000-0x00007FF9DC665000-memory.dmp

    Filesize

    2.0MB

    Download

  • memory/4108-14-0x00007FF9DC470000-0x00007FF9DC665000-memory.dmp

    Filesize

    2.0MB

    Download

  • memory/4108-32-0x00007FF99C4F0000-0x00007FF99C500000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4108-33-0x00007FF99C4F0000-0x00007FF99C500000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4108-35-0x00007FF99C4F0000-0x00007FF99C500000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4108-34-0x00007FF99C4F0000-0x00007FF99C500000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4108-36-0x00007FF9DC470000-0x00007FF9DC665000-memory.dmp

    Filesize

    2.0MB

    Download

  • memory/4108-37-0x00007FF9DC470000-0x00007FF9DC665000-memory.dmp

    Filesize

    2.0MB

    Download

  • memory/4108-38-0x00007FF9DC470000-0x00007FF9DC665000-memory.dmp

    Filesize

    2.0MB

    Download