Overview
overview
10
Static
static
8
9月资金....vbs
windows7-x64
1
9月资金....vbs
windows10-2004-x64
1
曹/关于....docx
windows7-x64
1
曹/关于....docx
windows10-2004-x64
1
曹/关于....vbs
windows7-x64
1
曹/关于....vbs
windows10-2004-x64
1
曹/新型....xls
windows7-x64
10
曹/新型....xls
windows10-2004-x64
1
曹/资金...6.docx
windows7-x64
4
曹/资金...6.docx
windows10-2004-x64
1
Analysis
max time kernel
3s
max time network
126s
platform
windows10-2004_x64
resource
win10v2004-20231215-en
resource tags
arch:x64 arch:x86 image:win10v2004-20231215-en locale:en-us os:windows10-2004-x64 system
submitted
27-12-2023 12:17
Behavioral task
behavioral1
Sample
9月资金预算--QQ直接接收/审计监察部-9月份资金预算表.vbs
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
9月资金预算--QQ直接接收/审计监察部-9月份资金预算表.vbs
Resource
win10v2004-20231215-en
Behavioral task
behavioral3
Sample
曹/关于上报资金预算的通知2012.8.27/关于上报资金预算的通知.docx
Resource
win7-20231129-en
Behavioral task
behavioral4
Sample
曹/关于上报资金预算的通知2012.8.27/关于上报资金预算的通知.docx
Resource
win10v2004-20231215-en
Behavioral task
behavioral5
Sample
曹/关于上报资金预算的通知2012.8.27/陕西北元化工集团有限公司资金预算表.vbs
Resource
win7-20231215-en
Behavioral task
behavioral6
Sample
曹/关于上报资金预算的通知2012.8.27/陕西北元化工集团有限公司资金预算表.vbs
Resource
win10v2004-20231215-en
Behavioral task
behavioral7
Sample
曹/新型煤化工调研表(北元化工).xls
Resource
win7-20231215-en
Behavioral task
behavioral8
Sample
曹/新型煤化工调研表(北元化工).xls
Resource
win10v2004-20231215-en
Behavioral task
behavioral9
Sample
曹/资金调度、资金结算上线指引_20120516.docx
Resource
win7-20231215-en
Behavioral task
behavioral10
Sample
曹/资金调度、资金结算上线指引_20120516.docx
Resource
win10v2004-20231215-en
General
Target
曹/资金调度、资金结算上线指引_20120516.docx
Size
311KB
MD5
dc54d018fd87216b162c0b81a74230db
SHA1
fd2088ac235fb4c56088967ae0efd42c480fbe69
SHA256
1e0e305e40a5efbb9aa30e2c6191dbcfd50363e595da066aa07f93a8a1190bd6
SHA512
d06eff4d06175a45d5517f9fbab7c0b31f758e8a9a66b037cacea2fabbb412de46607d7af9ecd8bcc3d73caa46299fa6b0ffdb011fca8493a91657439060014f
SSDEEP
6144:Aoatrf5aTbfK+hxxuj6dsd+GkzMdG08oGpeGnzVxh/Q7ID/SeW:AndgTO+Zu4sd+AGZX1xxJQ7IzSZ
Signatures
Suspicious use of SetWindowsHookEx (1 IoCs)
pid
1528
Process
WINWORD.EXE
Downloads