Overview

overview

10

Static

static

8

samples (2) (4).zip

windows7-x64

1

samples (2) (4).zip

windows10-2004-x64

1

10d1a82f3c...61.exe

windows7-x64

1

10d1a82f3c...61.exe

windows10-2004-x64

1

133dd26c0a...f0.exe

windows7-x64

10

133dd26c0a...f0.exe

windows10-2004-x64

10

1ab3aad04e...7d.exe

windows7-x64

6

1ab3aad04e...7d.exe

windows10-2004-x64

1

1ad4c9e3d0...7d.exe

windows7-x64

1

1ad4c9e3d0...7d.exe

windows10-2004-x64

1

27cc1f6adc...35.wsf

windows7-x64

8

27cc1f6adc...35.wsf

windows10-2004-x64

8

35b7dbc8a3...31.exe

windows7-x64

9

35b7dbc8a3...31.exe

windows10-2004-x64

10

3716dc17e9...c6.dll

windows7-x64

1

3716dc17e9...c6.dll

windows10-2004-x64

3

5e94c0f064...2e.exe

windows7-x64

6

5e94c0f064...2e.exe

windows10-2004-x64

7

70f166f51e...ad.exe

windows7-x64

1

70f166f51e...ad.exe

windows10-2004-x64

1

93dc1dee6b...1a.chm

windows7-x64

10

93dc1dee6b...1a.chm

windows10-2004-x64

10

a37f77fafa...58.ps1

windows7-x64

1

a37f77fafa...58.ps1

windows10-2004-x64

1

b875cc39a6...395.js

windows7-x64

8

b875cc39a6...395.js

windows10-2004-x64

8

b906da71fe...be.exe

windows7-x64

1

b906da71fe...be.exe

windows10-2004-x64

1

bae7ee765f...c.docm

windows7-x64

1

bae7ee765f...c.docm

windows10-2004-x64

1

c3fdcec878...07.exe

windows7-x64

4

c3fdcec878...07.exe

windows10-2004-x64

4

Analysis

  • max time kernel
    163s
  • max time network
    129s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    01-01-2024 15:12

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    bae7ee765f1ec70ca4a9a734abecca822860c67ed6b42f8bab49ab2b34808eac.docm

  • Size

    21KB

  • MD5

    0a09b1ddda6cf6c1d2e52566986cc379

  • SHA1

    2c779063e1393af486c0e81431bbb4e682afd586

  • SHA256

    bae7ee765f1ec70ca4a9a734abecca822860c67ed6b42f8bab49ab2b34808eac

  • SHA512

    35ad11c57050d707d5d46ee6dbd119f9c44993b0c014c9efc5f85bc69fc5251e7d4585cb5acac434e1cdf63b99f57dcbc00c43b671c2b68a41b987ccee36b606

  • SSDEEP

    384:CTeEJwk57y4uCo4wB2Z1xG7tlBcxXw6besz2h:3Ohy7UZbKlBcxA6beszG

Score
1/10

Malware Config

Signatures

  • Office loads VBA resources, possible macro or embedded object present
  • Modifies Internet Explorer settings 1 TTPs 9 IoCs
    adwarespyware
  • Suspicious behavior: AddClipboardFormatListener 1 IoCs
  • Suspicious use of SetWindowsHookEx 7 IoCs

Processes

  • C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE
    "C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE" /n "C:\Users\Admin\AppData\Local\Temp\bae7ee765f1ec70ca4a9a734abecca822860c67ed6b42f8bab49ab2b34808eac.docm"
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: AddClipboardFormatListener
    • Suspicious use of SetWindowsHookEx
    PID:2656

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/2656-0-0x000000002F611000-0x000000002F612000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2656-1-0x000000005FFF0000-0x0000000060000000-memory.dmp

    Filesize

    64KB

    Download

  • memory/2656-2-0x000000007186D000-0x0000000071878000-memory.dmp

    Filesize

    44KB

    Download

  • memory/2656-5-0x00000000007D0000-0x00000000008D0000-memory.dmp

    Filesize

    1024KB

    Download

  • memory/2656-6-0x00000000007D0000-0x00000000008D0000-memory.dmp

    Filesize

    1024KB

    Download

  • memory/2656-7-0x00000000007D0000-0x00000000008D0000-memory.dmp

    Filesize

    1024KB

    Download

  • memory/2656-8-0x00000000007D0000-0x00000000008D0000-memory.dmp

    Filesize

    1024KB

    Download

  • memory/2656-9-0x00000000007D0000-0x00000000008D0000-memory.dmp

    Filesize

    1024KB

    Download

  • memory/2656-10-0x00000000007D0000-0x00000000008D0000-memory.dmp

    Filesize

    1024KB

    Download

  • memory/2656-12-0x00000000007D0000-0x00000000008D0000-memory.dmp

    Filesize

    1024KB

    Download

  • memory/2656-11-0x00000000007D0000-0x00000000008D0000-memory.dmp

    Filesize

    1024KB

    Download

  • memory/2656-13-0x00000000007D0000-0x00000000008D0000-memory.dmp

    Filesize

    1024KB

    Download

  • memory/2656-14-0x000000007186D000-0x0000000071878000-memory.dmp

    Filesize

    44KB

    Download

  • memory/2656-15-0x00000000007D0000-0x00000000008D0000-memory.dmp

    Filesize

    1024KB

    Download

  • memory/2656-16-0x00000000007D0000-0x00000000008D0000-memory.dmp

    Filesize

    1024KB

    Download