Overview

overview

1

Static

static

1

ef0846660b...8.xlsx

windows7-x64

1

ef0846660b...8.xlsx

windows10-2004-x64

1

Analysis

  • max time kernel
    149s
  • max time network
    158s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230915-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230915-enlocale:en-usos:windows10-2004-x64system
  • submitted
    12/10/2023, 10:48

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    ef0846660b1a9c6eda71db9bcde56b68.xlsx

  • Size

    8KB

  • MD5

    ef0846660b1a9c6eda71db9bcde56b68

  • SHA1

    2a8031b44a6532bf4a41ca6958a0130da826bc1e

  • SHA256

    7243afee07e3d97aa7665aeec58575e671fa2349c56196827dcc8189da78e9f5

  • SHA512

    708a60775386cef0aa6c49bf972cc28f1626b1b54190d5bf58df6bd4c91024668fe9d4704e6c9aac87892fe6ef81cc7c85ad64704eadf5dc9eb25d44080047ad

  • SSDEEP

    192:HDP1tByOVsvqQOWvXvMPX0/HjzjBZ/pA0OZTYuJZ5BKp4AN9/s3TwER:HDP1tVsy7WvXvCO11nuJZ5BKp4AN9/sJ

Score
1/10

Malware Config

Signatures

  • Checks processor information in registry 2 TTPs 3 IoCs

    Processor information is often read in order to detect sandboxing environments.

  • Enumerates system info in registry 2 TTPs 3 IoCs
  • Suspicious behavior: AddClipboardFormatListener 1 IoCs
  • Suspicious use of SetWindowsHookEx 15 IoCs

Processes

  • C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE
    "C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE" "C:\Users\Admin\AppData\Local\Temp\ef0846660b1a9c6eda71db9bcde56b68.xlsx"
    1⤵
    • Checks processor information in registry
    • Enumerates system info in registry
    • Suspicious behavior: AddClipboardFormatListener
    • Suspicious use of SetWindowsHookEx
    PID:3504

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/3504-1-0x00007FFBE98F0000-0x00007FFBE9AE5000-memory.dmp

    Filesize

    2.0MB

    Download

  • memory/3504-0-0x00007FFBA9970000-0x00007FFBA9980000-memory.dmp

    Filesize

    64KB

    Download

  • memory/3504-3-0x00007FFBE98F0000-0x00007FFBE9AE5000-memory.dmp

    Filesize

    2.0MB

    Download

  • memory/3504-2-0x00007FFBA9970000-0x00007FFBA9980000-memory.dmp

    Filesize

    64KB

    Download

  • memory/3504-5-0x00007FFBE98F0000-0x00007FFBE9AE5000-memory.dmp

    Filesize

    2.0MB

    Download

  • memory/3504-6-0x00007FFBA9970000-0x00007FFBA9980000-memory.dmp

    Filesize

    64KB

    Download

  • memory/3504-8-0x00007FFBA9970000-0x00007FFBA9980000-memory.dmp

    Filesize

    64KB

    Download

  • memory/3504-4-0x00007FFBA9970000-0x00007FFBA9980000-memory.dmp

    Filesize

    64KB

    Download

  • memory/3504-7-0x00007FFBE98F0000-0x00007FFBE9AE5000-memory.dmp

    Filesize

    2.0MB

    Download

  • memory/3504-9-0x00007FFBE98F0000-0x00007FFBE9AE5000-memory.dmp

    Filesize

    2.0MB

    Download

  • memory/3504-10-0x00007FFBE98F0000-0x00007FFBE9AE5000-memory.dmp

    Filesize

    2.0MB

    Download

  • memory/3504-11-0x00007FFBA7410000-0x00007FFBA7420000-memory.dmp

    Filesize

    64KB

    Download

  • memory/3504-12-0x00007FFBA7410000-0x00007FFBA7420000-memory.dmp

    Filesize

    64KB

    Download

  • memory/3504-17-0x00007FFBE98F0000-0x00007FFBE9AE5000-memory.dmp

    Filesize

    2.0MB

    Download