Analysis
max time kernel: 0s
max time network: 128s
platform: windows10-2004_x64
resource: win10v2004-20231222-en
resource tags: arch:x64, arch:x86, image:win10v2004-20231222-en, locale:en-us, os:windows10-2004-x64, system
submitted: 25-12-2023 06:48
Behavioral task: behavioral1
Sample: 0cb2cc1e354001079f76262a1af28f52.xlsm
Resource: win7-20231215-en
7 signatures
150 seconds
Behavioral task: behavioral2
Sample: 0cb2cc1e354001079f76262a1af28f52.xlsm
Resource: win10v2004-20231222-en
1 signatures
150 seconds
General
Target: 0cb2cc1e354001079f76262a1af28f52.xlsm
Size: 186KB
MD5: 0cb2cc1e354001079f76262a1af28f52
SHA1: 48e3d60e2e2a7502f2b5a9668276910ceaeb2501
SHA256: 6e486da9c8430de910b8d1f3c86b4f1dd787591232f854b3d1d77d39606014cb
SHA512: e52feb77954bc9407d12f684ebac6e97e7227e4b6340ca20324a342fec7be6a6be566ea0a9a366c802bd2ca131cf49e7822cf62f986b7626527a1203929f5fef
SSDEEP: 3072:8AuXDusrJcGUAUpF2e/RIiZmxjTH0Fq2yIyJFZqcN+KCiSsYErzSK/Xkp1:8AuTRcGUlFzy4mpTHdrUc3/SsYAS7
Score: 1/10
Malware Config
Signatures
Suspicious use of SetWindowsHookEx (1 IoCs)
pid: 216, Process: EXCEL.EXE
Processes
C:\Windows\SYSTEM32\regsvr32.exe
  regsvr32 -silent ..\ALBATROS1.dll
  PID: 4600
C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE
  "C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE" "C:\Users\Admin\AppData\Local\Temp\0cb2cc1e354001079f76262a1af28f52.xlsm"
  Suspicious use of SetWindowsHookEx
  PID: 216