Overview

overview

8

Static

static

8

271b4eefbd...48.doc

windows7-x64

4

271b4eefbd...48.doc

windows10-2004-x64

1

Analysis

  • max time kernel
    149s
  • max time network
    150s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
  • submitted
    31/12/2023, 03:55

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    271b4eefbd0a2c121f8807968cb07b48.doc

  • Size

    72KB

  • MD5

    271b4eefbd0a2c121f8807968cb07b48

  • SHA1

    9e16e6b7f99cf38705000a01d9036aacabe92f82

  • SHA256

    bdb386f324dd52a309af95beafe0b3673ab2330b8c7ffefa6b3a566f78c6d31d

  • SHA512

    201726b44642c51844c3bdac61ae7748654b3f8311a1f98a7473a520e1cdc61c2cef30b4aa4b391469c01d90582823e466989259df617e4c8ff570c63d53160e

  • SSDEEP

    768:vTo2MxOmEksGJgG4z82wZNw3B3kXrm0w9hVZzZri6Af2ph99vpWP5qQh3:vMnEk728rNuqzwPVZzZm5f2ph92RqQh3

Score
1/10

Malware Config

Signatures

  • Checks processor information in registry 2 TTPs 3 IoCs

    Processor information is often read in order to detect sandboxing environments.

  • Enumerates system info in registry 2 TTPs 3 IoCs
  • Suspicious behavior: AddClipboardFormatListener 2 IoCs
  • Suspicious use of SetWindowsHookEx 13 IoCs

Processes

  • C:\Program Files\Microsoft Office\Root\Office16\WINWORD.EXE
    "C:\Program Files\Microsoft Office\Root\Office16\WINWORD.EXE" /n "C:\Users\Admin\AppData\Local\Temp\271b4eefbd0a2c121f8807968cb07b48.doc" /o ""
    1⤵
    • Checks processor information in registry
    • Enumerates system info in registry
    • Suspicious behavior: AddClipboardFormatListener
    • Suspicious use of SetWindowsHookEx
    PID:3704

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Roaming\Microsoft\Templates\~WRD0000.tmp
    Filesize

    41KB

    MD5

    e759c9404378156eab8817c075ddd01b

    SHA1

    4667911eb96391ad737718e974db486bfa20d67b

    SHA256

    bb9360435dddb5084b12a298cda69fc827902b46cdc4bfbf5eadc3877e275a19

    SHA512

    a3ac056b55653008b8115c68cb66b0d8455abd67ebcab351959c63f2e7b00e2a71ca20436bf94fe261f583b62974556a9f574cdcaf4bb7b2f116d367a57716e9

    Download Submit

  • memory/3704-4-0x00007FFD5E110000-0x00007FFD5E120000-memory.dmp

    Filesize

    64KB

    Download

  • memory/3704-7-0x00007FFD9E090000-0x00007FFD9E285000-memory.dmp

    Filesize

    2.0MB

    Download

  • memory/3704-12-0x00007FFD9E090000-0x00007FFD9E285000-memory.dmp

    Filesize

    2.0MB

    Download

  • memory/3704-17-0x00007FFD9E090000-0x00007FFD9E285000-memory.dmp

    Filesize

    2.0MB

    Download

  • memory/3704-19-0x00007FFD9E090000-0x00007FFD9E285000-memory.dmp

    Filesize

    2.0MB

    Download

  • memory/3704-22-0x00007FFD9E090000-0x00007FFD9E285000-memory.dmp

    Filesize

    2.0MB

    Download

  • memory/3704-21-0x00007FFD9E090000-0x00007FFD9E285000-memory.dmp

    Filesize

    2.0MB

    Download

  • memory/3704-20-0x00007FFD5B9B0000-0x00007FFD5B9C0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/3704-18-0x00007FFD9E090000-0x00007FFD9E285000-memory.dmp

    Filesize

    2.0MB

    Download

  • memory/3704-16-0x00007FFD9E090000-0x00007FFD9E285000-memory.dmp

    Filesize

    2.0MB

    Download

  • memory/3704-15-0x00007FFD9E090000-0x00007FFD9E285000-memory.dmp

    Filesize

    2.0MB

    Download

  • memory/3704-14-0x00007FFD9E090000-0x00007FFD9E285000-memory.dmp

    Filesize

    2.0MB

    Download

  • memory/3704-13-0x00007FFD5B9B0000-0x00007FFD5B9C0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/3704-10-0x00007FFD9E090000-0x00007FFD9E285000-memory.dmp

    Filesize

    2.0MB

    Download

  • memory/3704-9-0x00007FFD9E090000-0x00007FFD9E285000-memory.dmp

    Filesize

    2.0MB

    Download

  • memory/3704-27-0x0000014A4C790000-0x0000014A4D760000-memory.dmp

    Filesize

    15.8MB

    Download

  • memory/3704-3-0x00007FFD5E110000-0x00007FFD5E120000-memory.dmp

    Filesize

    64KB

    Download

  • memory/3704-28-0x0000014A4E9C0000-0x0000014A4EBC0000-memory.dmp

    Filesize

    2.0MB

    Download

  • memory/3704-11-0x00007FFD9E090000-0x00007FFD9E285000-memory.dmp

    Filesize

    2.0MB

    Download

  • memory/3704-6-0x00007FFD9E090000-0x00007FFD9E285000-memory.dmp

    Filesize

    2.0MB

    Download

  • memory/3704-63-0x0000014A4C790000-0x0000014A4D760000-memory.dmp

    Filesize

    15.8MB

    Download

  • memory/3704-2-0x00007FFD5E110000-0x00007FFD5E120000-memory.dmp

    Filesize

    64KB

    Download

  • memory/3704-44-0x0000014A4C790000-0x0000014A4D760000-memory.dmp

    Filesize

    15.8MB

    Download

  • memory/3704-5-0x00007FFD9E090000-0x00007FFD9E285000-memory.dmp

    Filesize

    2.0MB

    Download

  • memory/3704-1-0x00007FFD5E110000-0x00007FFD5E120000-memory.dmp

    Filesize

    64KB

    Download

  • memory/3704-0-0x00007FFD5E110000-0x00007FFD5E120000-memory.dmp

    Filesize

    64KB

    Download

  • memory/3704-64-0x0000014A4C790000-0x0000014A4D760000-memory.dmp

    Filesize

    15.8MB

    Download

  • memory/3704-74-0x00007FFD9E090000-0x00007FFD9E285000-memory.dmp

    Filesize

    2.0MB

    Download

  • memory/3704-75-0x0000014A4C790000-0x0000014A4D760000-memory.dmp

    Filesize

    15.8MB

    Download

  • memory/3704-79-0x0000014A4E9C0000-0x0000014A4EBC0000-memory.dmp

    Filesize

    2.0MB

    Download

  • memory/3704-80-0x0000014A4C790000-0x0000014A4D760000-memory.dmp

    Filesize

    15.8MB

    Download

  • memory/3704-81-0x0000014A4C790000-0x0000014A4D760000-memory.dmp

    Filesize

    15.8MB

    Download

  • memory/3704-82-0x0000014A4C790000-0x0000014A4D760000-memory.dmp

    Filesize

    15.8MB

    Download

  • memory/3704-8-0x00007FFD9E090000-0x00007FFD9E285000-memory.dmp

    Filesize

    2.0MB

    Download

  • memory/3704-115-0x00007FFD5E110000-0x00007FFD5E120000-memory.dmp

    Filesize

    64KB

    Download

  • memory/3704-116-0x00007FFD5E110000-0x00007FFD5E120000-memory.dmp

    Filesize

    64KB

    Download

  • memory/3704-117-0x00007FFD5E110000-0x00007FFD5E120000-memory.dmp

    Filesize

    64KB

    Download

  • memory/3704-118-0x00007FFD5E110000-0x00007FFD5E120000-memory.dmp

    Filesize

    64KB

    Download

  • memory/3704-119-0x00007FFD9E090000-0x00007FFD9E285000-memory.dmp

    Filesize

    2.0MB

    Download