Overview

overview

8

Static

static

8

e099f166ca...ab.xls

windows7-x64

1

e099f166ca...ab.xls

windows10-2004-x64

1

Analysis

  • max time kernel
    149s
  • max time network
    152s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240226-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
  • submitted
    13/03/2024, 09:27

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    e099f166caa5b30f78290373cc824cb93eee0c733fbbf770afa499b42a4718ab.xls

  • Size

    1.9MB

  • MD5

    cb653f95fb9a0de9bcd7fcf4586f4def

  • SHA1

    2b2a1a12e970590c226e03127694f31fef560ec9

  • SHA256

    e099f166caa5b30f78290373cc824cb93eee0c733fbbf770afa499b42a4718ab

  • SHA512

    96e07e78b9cb0a2ff68ccd514010fcd9ce76e2902cbca3ecc8c3b739fb173d0902eb251f94dc085c8066951b396648c08de15b5497879699606355f6bbff187d

  • SSDEEP

    12288:I7TTvIOvssFOhk09jdJo4PViU1LxZYjUckV3wt+sKLX/+c9nJSPoly:sTwOkssdxLoqrYrcgE3TtJSAly

Score
1/10

Malware Config

Signatures

  • Checks processor information in registry 2 TTPs 3 IoCs

    Processor information is often read in order to detect sandboxing environments.

  • Enumerates system info in registry 2 TTPs 3 IoCs
  • Suspicious behavior: AddClipboardFormatListener 1 IoCs
  • Suspicious use of FindShellTrayWindow 2 IoCs
  • Suspicious use of SetWindowsHookEx 12 IoCs

Processes

  • C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE
    "C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE" "C:\Users\Admin\AppData\Local\Temp\e099f166caa5b30f78290373cc824cb93eee0c733fbbf770afa499b42a4718ab.xls"
    1⤵
    • Checks processor information in registry
    • Enumerates system info in registry
    • Suspicious behavior: AddClipboardFormatListener
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    PID:2616

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • memory/2616-0-0x00007FFA319B0000-0x00007FFA319C0000-memory.dmp

          Filesize

          64KB

          Download

        • memory/2616-1-0x00007FFA319B0000-0x00007FFA319C0000-memory.dmp

          Filesize

          64KB

          Download

        • memory/2616-2-0x00007FFA71930000-0x00007FFA71B25000-memory.dmp

          Filesize

          2.0MB

          Download

        • memory/2616-4-0x00007FFA71930000-0x00007FFA71B25000-memory.dmp

          Filesize

          2.0MB

          Download

        • memory/2616-3-0x00007FFA319B0000-0x00007FFA319C0000-memory.dmp

          Filesize

          64KB

          Download

        • memory/2616-5-0x00007FFA319B0000-0x00007FFA319C0000-memory.dmp

          Filesize

          64KB

          Download

        • memory/2616-6-0x00007FFA71930000-0x00007FFA71B25000-memory.dmp

          Filesize

          2.0MB

          Download

        • memory/2616-7-0x00007FFA319B0000-0x00007FFA319C0000-memory.dmp

          Filesize

          64KB

          Download

        • memory/2616-8-0x00007FFA71930000-0x00007FFA71B25000-memory.dmp

          Filesize

          2.0MB

          Download

        • memory/2616-9-0x00007FFA71930000-0x00007FFA71B25000-memory.dmp

          Filesize

          2.0MB

          Download

        • memory/2616-11-0x00007FFA2F150000-0x00007FFA2F160000-memory.dmp

          Filesize

          64KB

          Download

        • memory/2616-10-0x00007FFA71930000-0x00007FFA71B25000-memory.dmp

          Filesize

          2.0MB

          Download

        • memory/2616-12-0x00007FFA71930000-0x00007FFA71B25000-memory.dmp

          Filesize

          2.0MB

          Download

        • memory/2616-13-0x00007FFA71930000-0x00007FFA71B25000-memory.dmp

          Filesize

          2.0MB

          Download

        • memory/2616-14-0x00007FFA71930000-0x00007FFA71B25000-memory.dmp

          Filesize

          2.0MB

          Download

        • memory/2616-15-0x00007FFA71930000-0x00007FFA71B25000-memory.dmp

          Filesize

          2.0MB

          Download

        • memory/2616-17-0x00007FFA71930000-0x00007FFA71B25000-memory.dmp

          Filesize

          2.0MB

          Download

        • memory/2616-16-0x00007FFA2F150000-0x00007FFA2F160000-memory.dmp

          Filesize

          64KB

          Download

        • memory/2616-18-0x00007FFA71930000-0x00007FFA71B25000-memory.dmp

          Filesize

          2.0MB

          Download

        • memory/2616-19-0x00007FFA71930000-0x00007FFA71B25000-memory.dmp

          Filesize

          2.0MB

          Download

        • memory/2616-20-0x00007FFA71930000-0x00007FFA71B25000-memory.dmp

          Filesize

          2.0MB

          Download

        • memory/2616-33-0x00007FFA71930000-0x00007FFA71B25000-memory.dmp

          Filesize

          2.0MB

          Download