Analysis

  • max time kernel
    150s
  • max time network
    131s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    16/03/2024, 10:00

General

  • Target

    cdc3d6e1f6e355271d47711b561d5a96.doc

  • Size

    1.2MB

  • MD5

    cdc3d6e1f6e355271d47711b561d5a96

  • SHA1

    2e73dc71b3995db85f866e1d014a8f2feb1894fd

  • SHA256

    a6b6080b4146a109d9c2bbb3e3bf4dd511b37deae0c3f333922e3e44a91ec74f

  • SHA512

    4347b70df8961cbea438e28e357d704b3e23014b3096518f2c66fb588a2c7aff29d6c36f7b96a0a307243f0ee06747e645ce5da83b92b901d0ad54647c4be943

  • SSDEEP

    24576:XMOyHTj0V8AN+EDue4/McKIDrE/7lBlkaXVOM+naR8q+/siVXg/SqKbF:XDyHTjZa+PMuDw3k+VOMQaRo//VXgxw

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 9 IoCs
  • Suspicious behavior: AddClipboardFormatListener 1 IoCs
  • Suspicious use of SetWindowsHookEx 7 IoCs

Processes

  • C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE
    "C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE" /n "C:\Users\Admin\AppData\Local\Temp\cdc3d6e1f6e355271d47711b561d5a96.doc"
    • Modifies Internet Explorer settings
    • Suspicious behavior: AddClipboardFormatListener
    • Suspicious use of SetWindowsHookEx
    PID:3064

Network

        MITRE ATT&CK Enterprise v15

        Downloads

        • memory/3064-0-0x000000002FE81000-0x000000002FE82000-memory.dmp

          Filesize

          4KB

        • memory/3064-1-0x000000005FFF0000-0x0000000060000000-memory.dmp

          Filesize

          64KB

        • memory/3064-2-0x000000007135D000-0x0000000071368000-memory.dmp

          Filesize

          44KB

        • memory/3064-5-0x000000007135D000-0x0000000071368000-memory.dmp

          Filesize

          44KB