Overview

overview

1

Static

static

1

طرح ج�...�.docx

windows7-x64

1

طرح ج�...�.docx

windows10-2004-x64

1

طرح ج�...ا.pdf

windows7-x64

1

طرح ج�...ا.pdf

windows10-2004-x64

1

Analysis

  • max time kernel
    3s
  • max time network
    130s
  • platform
    windows7_x64
  • resource
    win7-20231020-en
  • resource tags

    arch:x64arch:x86image:win7-20231020-enlocale:en-usos:windows7-x64system
  • submitted
    07/11/2023, 14:20

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    طرح جابر ریشه ها/طرح جابر ریشه ها.docx

  • Size

    3.1MB

  • MD5

    b285d8764f3955ab7fb522cfdc5533c1

  • SHA1

    5303dd1236351a99b8ce9533c9adf037ea4c0168

  • SHA256

    cbe7f6abe83a6a88e5db206cb01c3a9604644c6bb759838774857c949cc9a217

  • SHA512

    9430aeafa948eaeaa3935e69622b368a2ff3c779803695a5b1fda56ccc4952f531831b0d5cd8649239597642854a07e017cafd38fcb1f3cad89ca8af5a78e872

  • SSDEEP

    49152:ui7PxAAdhzRrTKY9DDo/TMofS/NHL4RxsaGfFluBl+brSnZtJR9ylnvpI:uiTxBTzR/KgQCHL4wqorSsvpI

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 6 IoCs
    adwarespyware

Processes

  • C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE
    "C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE" /n "C:\Users\Admin\AppData\Local\Temp\طرح جابر ریشه ها\طرح جابر ریشه ها.docx"
    1⤵
    • Modifies Internet Explorer settings
    PID:3064
    • C:\Windows\splwow64.exe
      C:\Windows\splwow64.exe 12288
      2⤵
        PID:2464

    Network

    MITRE ATT&CK Enterprise v15

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • C:\Users\Admin\AppData\Roaming\Microsoft\Templates\Normal.dotm
      Filesize

      20KB

      MD5

      06bd07d915fd13917148a745b2f4e462

      SHA1

      038dbb4472538d58df6c1a3780ae72a7b5455c25

      SHA256

      0ee2de579739dfc5c12d5c10f8c250619c214f497bc71384a23eea08029dcb49

      SHA512

      0da23c0b74ad7154aa8da7196b745205ea753df344edb9f55171cbae2e32e15ecc50485a93b7e9361fcb378f15c56817b5ffec8db997a400d3cdb192cfe62e9c

      Download Submit

    • memory/3064-0-0x000000002F5F1000-0x000000002F5F2000-memory.dmp

      Filesize

      4KB

      Download

    • memory/3064-1-0x000000005FFF0000-0x0000000060000000-memory.dmp

      Filesize

      64KB

      Download

    • memory/3064-2-0x000000007115D000-0x0000000071168000-memory.dmp

      Filesize

      44KB

      Download

    • memory/3064-14-0x000000007115D000-0x0000000071168000-memory.dmp

      Filesize

      44KB

      Download

    • memory/3064-35-0x000000005FFF0000-0x0000000060000000-memory.dmp

      Filesize

      64KB

      Download

    • memory/3064-36-0x000000007115D000-0x0000000071168000-memory.dmp

      Filesize

      44KB

      Download