ac07988ba9649741c59d16698f8c33295b3ff7943eeccbafe6f988e3e3c10908

Analysis

max time kernel
0s
max time network
70s
platform
windows10-2004_x64
resource
win10v2004-20231130-en
resource tags

arch:x64arch:x86image:win10v2004-20231130-enlocale:en-usos:windows10-2004-x64system
submitted
07-12-2023 16:48

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

orden de compra.xla.xls
Size

391KB
MD5

060f999d180fb2c37059815ebd76e38e
SHA1

605c01289d5b683a3d5b5eb17ebef72bfc388f91
SHA256

ac07988ba9649741c59d16698f8c33295b3ff7943eeccbafe6f988e3e3c10908
SHA512

a4449aa855a6426106516bf11499902f402ed4589fa7f11e628fec9efbcd6b8a6fcabdfb02d2fe3bf20a41889c734538e77194a011112b4dc06ae94e6b9c066e
SSDEEP

6144:Vn1m9kdbXgb8y3ZetJs0hdMJUXTdU5u/LbquQFBql4yUhNttSMS6EgU0rh:VOesblwtqSdLTdoaNQO6hQX+h

Score

1^/10

Malware Config

Signatures

C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE
"C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE" "C:\Users\Admin\AppData\Local\Temp\orden de compra.xla.xls"
1⤵
PID:3416

C:\Program Files\Microsoft Office\Root\Office16\WINWORD.EXE
"C:\Program Files\Microsoft Office\Root\Office16\WINWORD.EXE" -Embedding
1⤵
PID:2944

C:\Windows\splwow64.exe
C:\Windows\splwow64.exe 12288
2⤵
PID:828

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k PrintWorkflow -s PrintWorkflowUserSvc
1⤵
PID:3596

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Microsoft\Office\16.0\WebServiceCache\AllUsers\officeclient.microsoft.com\8A15DF03-CB2A-49B0-93FE-5A7D980FEE1F

Filesize
158KB

MD5
37cc3dcd0714b030e2042d7bb11eb7f2

SHA1
0c02fd2e828645dae08453cca62d34d0902de472

SHA256
f214cb0d26924231c00bcfb13b6d695e004800cd35355cb18b62bd44b3ed0b00

SHA512
4957c14083e8af33318e91490df12857df9cad2c731a2344cc408858f6e7a12cca180f8c52772885667ed924081ad60b231a9b9b8870a0d00ce3a79eeab2489e

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\TokenBroker\Cache\089d66ba04a8cec4bdc5267f42f39cf84278bb67.tbres

Filesize
2KB

MD5
d60d63f37b3c1dcddd3f07635b5b16f3

SHA1
511ec67f742325884d4b90f9709147ff94747bd3

SHA256
71e93ed90703e7a374e259e1c030c001e0e64562afb3efe03cecd3241dfc52df

SHA512
b747eee8dc65ce030bd54649d6ea09fe3a64df8befeb7c2af985a971db12fc1eb003eefbb8c587e5989efca93ab5f8337cc6ed4523cc58ebc1b23d24d4dce752

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\TokenBroker\Cache\49dbe2955480c7f6ef8cec9c4320c9868d9293fd.tbres

Filesize
2KB

MD5
19f994fd8e5eba1b9a143e822b0f735a

SHA1
388694f15ad3bf4aa5149ccbb7625d37b79575e1

SHA256
7ec1fbca7e5aee2d52aff0566863437acf1824f217658684a910f545dda2fad8

SHA512
da14b0f5560c109fac760ecfb3a42e88364e844b005f7b00b3e44b3357da1c902e3d742f9c3e82e79a1dd44cd8bcc285d84b7d83805b37bdf1a61f3028784505

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\TokenBroker\Cache\49dbe2955480c7f6ef8cec9c4320c9868d9293fd.tbres

Filesize
2KB

MD5
19f994fd8e5eba1b9a143e822b0f735a

SHA1
388694f15ad3bf4aa5149ccbb7625d37b79575e1

SHA256
7ec1fbca7e5aee2d52aff0566863437acf1824f217658684a910f545dda2fad8

SHA512
da14b0f5560c109fac760ecfb3a42e88364e844b005f7b00b3e44b3357da1c902e3d742f9c3e82e79a1dd44cd8bcc285d84b7d83805b37bdf1a61f3028784505

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\MJXP699G\microsoftunderstandwhyneedtodeleteentirehistorycachecookieverything[1].doc

Filesize
59KB

MD5
ed5d8e3f7b96288d349f167b737b0e32

SHA1
d855f8bac1e28f42abe38db048e8839615db1be4

SHA256
f118d7b310e09917603c15c5e6199f0bc04848ff9b3042b04fc8a94720a55d44

SHA512
4b7a378ef8c805342b993129911f020b8a81eaada910329cedab1755177098a46d7c0bdea84451c8fb5801e5a998a8786a0ef57576edca169f55373ff0960037

Download Submit
memory/2944-46-0x00007FFFC4F50000-0x00007FFFC5145000-memory.dmp

Filesize
2.0MB

Download
memory/2944-27-0x00007FFFC4F50000-0x00007FFFC5145000-memory.dmp

Filesize
2.0MB

Download
memory/2944-33-0x00007FFFC4F50000-0x00007FFFC5145000-memory.dmp

Filesize
2.0MB

Download
memory/2944-35-0x00007FFFC4F50000-0x00007FFFC5145000-memory.dmp

Filesize
2.0MB

Download
memory/2944-117-0x00007FFF84FD0000-0x00007FFF84FE0000-memory.dmp

Filesize
64KB

Download
memory/2944-118-0x00007FFF84FD0000-0x00007FFF84FE0000-memory.dmp

Filesize
64KB

Download
memory/2944-119-0x00007FFFC4F50000-0x00007FFFC5145000-memory.dmp

Filesize
2.0MB

Download
memory/2944-115-0x00007FFF84FD0000-0x00007FFF84FE0000-memory.dmp

Filesize
64KB

Download
memory/2944-74-0x00007FFFC4F50000-0x00007FFFC5145000-memory.dmp

Filesize
2.0MB

Download
memory/2944-37-0x00007FFFC4F50000-0x00007FFFC5145000-memory.dmp

Filesize
2.0MB

Download
memory/2944-43-0x00007FFFC4F50000-0x00007FFFC5145000-memory.dmp

Filesize
2.0MB

Download
memory/2944-44-0x00007FFFC4F50000-0x00007FFFC5145000-memory.dmp

Filesize
2.0MB

Download
memory/2944-41-0x00007FFFC4F50000-0x00007FFFC5145000-memory.dmp

Filesize
2.0MB

Download
memory/2944-40-0x00007FFFC4F50000-0x00007FFFC5145000-memory.dmp

Filesize
2.0MB

Download
memory/2944-38-0x00007FFFC4F50000-0x00007FFFC5145000-memory.dmp

Filesize
2.0MB

Download
memory/2944-116-0x00007FFF84FD0000-0x00007FFF84FE0000-memory.dmp

Filesize
64KB

Download
memory/2944-31-0x00007FFFC4F50000-0x00007FFFC5145000-memory.dmp

Filesize
2.0MB

Download
memory/2944-36-0x00007FFFC4F50000-0x00007FFFC5145000-memory.dmp

Filesize
2.0MB

Download
memory/2944-29-0x00007FFFC4F50000-0x00007FFFC5145000-memory.dmp

Filesize
2.0MB

Download
memory/3416-17-0x00007FFFC4F50000-0x00007FFFC5145000-memory.dmp

Filesize
2.0MB

Download
memory/3416-21-0x00007FFFC4F50000-0x00007FFFC5145000-memory.dmp

Filesize
2.0MB

Download
memory/3416-7-0x00007FFF82E70000-0x00007FFF82E80000-memory.dmp

Filesize
64KB

Download
memory/3416-15-0x00007FFFC4F50000-0x00007FFFC5145000-memory.dmp

Filesize
2.0MB

Download
memory/3416-8-0x00007FFFC4F50000-0x00007FFFC5145000-memory.dmp

Filesize
2.0MB

Download
memory/3416-1-0x00007FFF84FD0000-0x00007FFF84FE0000-memory.dmp

Filesize
64KB

Download
memory/3416-9-0x00007FFFC4F50000-0x00007FFFC5145000-memory.dmp

Filesize
2.0MB

Download
memory/3416-10-0x00007FFFC4F50000-0x00007FFFC5145000-memory.dmp

Filesize
2.0MB

Download
memory/3416-12-0x00007FFF82E70000-0x00007FFF82E80000-memory.dmp

Filesize
64KB

Download
memory/3416-22-0x00007FFFC4F50000-0x00007FFFC5145000-memory.dmp

Filesize
2.0MB

Download
memory/3416-23-0x00007FFFC4F50000-0x00007FFFC5145000-memory.dmp

Filesize
2.0MB

Download
memory/3416-11-0x00007FFFC4F50000-0x00007FFFC5145000-memory.dmp

Filesize
2.0MB

Download
memory/3416-4-0x00007FFF84FD0000-0x00007FFF84FE0000-memory.dmp

Filesize
64KB

Download
memory/3416-0-0x00007FFF84FD0000-0x00007FFF84FE0000-memory.dmp

Filesize
64KB

Download
memory/3416-6-0x00007FFFC4F50000-0x00007FFFC5145000-memory.dmp

Filesize
2.0MB

Download
memory/3416-2-0x00007FFF84FD0000-0x00007FFF84FE0000-memory.dmp

Filesize
64KB

Download
memory/3416-3-0x00007FFF84FD0000-0x00007FFF84FE0000-memory.dmp

Filesize
64KB

Download
memory/3416-5-0x00007FFFC4F50000-0x00007FFFC5145000-memory.dmp

Filesize
2.0MB

Download
memory/3416-73-0x00007FFFC4F50000-0x00007FFFC5145000-memory.dmp

Filesize
2.0MB

Download
memory/3416-20-0x00007FFFC4F50000-0x00007FFFC5145000-memory.dmp

Filesize
2.0MB

Download
memory/3416-19-0x00007FFFC4F50000-0x00007FFFC5145000-memory.dmp

Filesize
2.0MB

Download
memory/3416-18-0x00007FFFC4F50000-0x00007FFFC5145000-memory.dmp

Filesize
2.0MB

Download
memory/3416-16-0x00007FFFC4F50000-0x00007FFFC5145000-memory.dmp

Filesize
2.0MB

Download
memory/3416-13-0x00007FFFC4F50000-0x00007FFFC5145000-memory.dmp

Filesize
2.0MB

Download
memory/3416-14-0x00007FFFC4F50000-0x00007FFFC5145000-memory.dmp

Filesize
2.0MB

Download
memory/3416-127-0x00007FFFC4F50000-0x00007FFFC5145000-memory.dmp

Filesize
2.0MB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads