Overview

overview

4

Static

static

1

d7a5dd9a34...c6.rtf

windows7-x64

4

d7a5dd9a34...c6.rtf

windows10-2004-x64

1

Analysis

  • max time kernel
    0s
  • max time network
    135s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
  • submitted
    22/12/2023, 15:19

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    d7a5dd9a349fc5f8595e9408d3af28c6.rtf

  • Size

    287KB

  • MD5

    d7a5dd9a349fc5f8595e9408d3af28c6

  • SHA1

    d11bf55d07256616f369199cc524593c75c45b64

  • SHA256

    c232d7c6db5a2b0d8f97e97652666c78dc68288c9cd5920d2f33e3b3f86c6d09

  • SHA512

    788b290d01a651671fd43ce2dc190838f8a768081c5609bd27ef822dd16a9f9644394a0684c5f6f62c0dd6f642aac1cf46678aac511fc5dcb493fc42b5615071

  • SSDEEP

    1536:zBoFRk3F/uWU3D/qO0bi49dIxOSnxFQjx4Xs7mmhL2qQJBpqQur4r5Ly+SCxSHRP:zARO/uWUekHnxSjTLhqRJjN8tAUp

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: AddClipboardFormatListener 1 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Program Files\Microsoft Office\Root\Office16\WINWORD.EXE
    "C:\Program Files\Microsoft Office\Root\Office16\WINWORD.EXE" /n "C:\Users\Admin\AppData\Local\Temp\d7a5dd9a349fc5f8595e9408d3af28c6.rtf" /o ""
    1⤵
    • Suspicious behavior: AddClipboardFormatListener
    • Suspicious use of SetWindowsHookEx
    PID:1376

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • memory/1376-4-0x00007FF8532B0000-0x00007FF8534A5000-memory.dmp

          Filesize

          2.0MB

          Download

        • memory/1376-8-0x00007FF8532B0000-0x00007FF8534A5000-memory.dmp

          Filesize

          2.0MB

          Download

        • memory/1376-11-0x00007FF8532B0000-0x00007FF8534A5000-memory.dmp

          Filesize

          2.0MB

          Download

        • memory/1376-13-0x00007FF810A00000-0x00007FF810A10000-memory.dmp

          Filesize

          64KB

          Download

        • memory/1376-17-0x00007FF8532B0000-0x00007FF8534A5000-memory.dmp

          Filesize

          2.0MB

          Download

        • memory/1376-16-0x00007FF8532B0000-0x00007FF8534A5000-memory.dmp

          Filesize

          2.0MB

          Download

        • memory/1376-19-0x00007FF8532B0000-0x00007FF8534A5000-memory.dmp

          Filesize

          2.0MB

          Download

        • memory/1376-18-0x00007FF8532B0000-0x00007FF8534A5000-memory.dmp

          Filesize

          2.0MB

          Download

        • memory/1376-20-0x00007FF810A00000-0x00007FF810A10000-memory.dmp

          Filesize

          64KB

          Download

        • memory/1376-15-0x00007FF8532B0000-0x00007FF8534A5000-memory.dmp

          Filesize

          2.0MB

          Download

        • memory/1376-14-0x00007FF8532B0000-0x00007FF8534A5000-memory.dmp

          Filesize

          2.0MB

          Download

        • memory/1376-12-0x00007FF8532B0000-0x00007FF8534A5000-memory.dmp

          Filesize

          2.0MB

          Download

        • memory/1376-10-0x00007FF8532B0000-0x00007FF8534A5000-memory.dmp

          Filesize

          2.0MB

          Download

        • memory/1376-9-0x00007FF8532B0000-0x00007FF8534A5000-memory.dmp

          Filesize

          2.0MB

          Download

        • memory/1376-7-0x00007FF8532B0000-0x00007FF8534A5000-memory.dmp

          Filesize

          2.0MB

          Download

        • memory/1376-6-0x00007FF8532B0000-0x00007FF8534A5000-memory.dmp

          Filesize

          2.0MB

          Download

        • memory/1376-5-0x00007FF813330000-0x00007FF813340000-memory.dmp

          Filesize

          64KB

          Download

        • memory/1376-3-0x00007FF813330000-0x00007FF813340000-memory.dmp

          Filesize

          64KB

          Download

        • memory/1376-2-0x00007FF813330000-0x00007FF813340000-memory.dmp

          Filesize

          64KB

          Download

        • memory/1376-1-0x00007FF813330000-0x00007FF813340000-memory.dmp

          Filesize

          64KB

          Download

        • memory/1376-0-0x00007FF813330000-0x00007FF813340000-memory.dmp

          Filesize

          64KB

          Download

        • memory/1376-37-0x00007FF8532B0000-0x00007FF8534A5000-memory.dmp

          Filesize

          2.0MB

          Download

        • memory/1376-60-0x00007FF813330000-0x00007FF813340000-memory.dmp

          Filesize

          64KB

          Download

        • memory/1376-63-0x00007FF8532B0000-0x00007FF8534A5000-memory.dmp

          Filesize

          2.0MB

          Download

        • memory/1376-65-0x00007FF8532B0000-0x00007FF8534A5000-memory.dmp

          Filesize

          2.0MB

          Download

        • memory/1376-64-0x00007FF8532B0000-0x00007FF8534A5000-memory.dmp

          Filesize

          2.0MB

          Download

        • memory/1376-62-0x00007FF813330000-0x00007FF813340000-memory.dmp

          Filesize

          64KB

          Download

        • memory/1376-61-0x00007FF8532B0000-0x00007FF8534A5000-memory.dmp

          Filesize

          2.0MB

          Download

        • memory/1376-59-0x00007FF813330000-0x00007FF813340000-memory.dmp

          Filesize

          64KB

          Download

        • memory/1376-58-0x00007FF813330000-0x00007FF813340000-memory.dmp

          Filesize

          64KB

          Download