Overview

overview

10

Static

static

1

ec5062b6c5...4b.xls

windows7-x64

10

ec5062b6c5...4b.xls

windows10-2004-x64

1

Analysis

  • max time kernel
    12s
  • max time network
    49s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240226-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
  • submitted
    19-03-2024 03:01

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    ec5062b6c5c6648b188b29b28741d4911a36986ec5adccad8ecffa5e8b41734b.xls

  • Size

    49KB

  • MD5

    de81ca904b88240d1bdf3e6ce5211367

  • SHA1

    04b96d917496857a4e5cafd042e1594323437a5b

  • SHA256

    ec5062b6c5c6648b188b29b28741d4911a36986ec5adccad8ecffa5e8b41734b

  • SHA512

    c52d1d62b0c73527ed2d4ea2a93444b2904c3e91d8b3296300c9c87ee8d288b23e0f779b4f3851886c230c5be8e84b15ee456eea086a7070444c1049d5bb7373

  • SSDEEP

    1536:hX682vSrL9JfQsZvYjOEpE0Ff9hZ+U04mjDP:hX682arL9Cd6unv

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: AddClipboardFormatListener 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs

Processes

  • C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE
    "C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE" "C:\Users\Admin\AppData\Local\Temp\ec5062b6c5c6648b188b29b28741d4911a36986ec5adccad8ecffa5e8b41734b.xls"
    1⤵
    • Suspicious behavior: AddClipboardFormatListener
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    PID:2512
  • C:\Program Files\Microsoft Office\Root\Office16\WINWORD.EXE
    "C:\Program Files\Microsoft Office\Root\Office16\WINWORD.EXE" -Embedding
    1⤵
      PID:1188

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/1188-32-0x00007FFFE50F0000-0x00007FFFE52E5000-memory.dmp

      Filesize

      2.0MB

      Download

    • memory/1188-37-0x00007FFFE50F0000-0x00007FFFE52E5000-memory.dmp

      Filesize

      2.0MB

      Download

    • memory/1188-36-0x00007FFFE50F0000-0x00007FFFE52E5000-memory.dmp

      Filesize

      2.0MB

      Download

    • memory/1188-34-0x00007FFFE50F0000-0x00007FFFE52E5000-memory.dmp

      Filesize

      2.0MB

      Download

    • memory/2512-13-0x00007FFFE50F0000-0x00007FFFE52E5000-memory.dmp

      Filesize

      2.0MB

      Download

    • memory/2512-15-0x00007FFFA2A50000-0x00007FFFA2A60000-memory.dmp

      Filesize

      64KB

      Download

    • memory/2512-6-0x00007FFFA5170000-0x00007FFFA5180000-memory.dmp

      Filesize

      64KB

      Download

    • memory/2512-7-0x00007FFFE50F0000-0x00007FFFE52E5000-memory.dmp

      Filesize

      2.0MB

      Download

    • memory/2512-9-0x00007FFFE50F0000-0x00007FFFE52E5000-memory.dmp

      Filesize

      2.0MB

      Download

    • memory/2512-8-0x00007FFFE50F0000-0x00007FFFE52E5000-memory.dmp

      Filesize

      2.0MB

      Download

    • memory/2512-10-0x00007FFFE50F0000-0x00007FFFE52E5000-memory.dmp

      Filesize

      2.0MB

      Download

    • memory/2512-12-0x00007FFFA2A50000-0x00007FFFA2A60000-memory.dmp

      Filesize

      64KB

      Download

    • memory/2512-0-0x00007FFFA5170000-0x00007FFFA5180000-memory.dmp

      Filesize

      64KB

      Download

    • memory/2512-14-0x00007FFFE50F0000-0x00007FFFE52E5000-memory.dmp

      Filesize

      2.0MB

      Download

    • memory/2512-11-0x00007FFFE50F0000-0x00007FFFE52E5000-memory.dmp

      Filesize

      2.0MB

      Download

    • memory/2512-5-0x00007FFFA5170000-0x00007FFFA5180000-memory.dmp

      Filesize

      64KB

      Download

    • memory/2512-16-0x00007FFFE50F0000-0x00007FFFE52E5000-memory.dmp

      Filesize

      2.0MB

      Download

    • memory/2512-18-0x00007FFFE50F0000-0x00007FFFE52E5000-memory.dmp

      Filesize

      2.0MB

      Download

    • memory/2512-17-0x00007FFFE50F0000-0x00007FFFE52E5000-memory.dmp

      Filesize

      2.0MB

      Download

    • memory/2512-20-0x00007FFFE50F0000-0x00007FFFE52E5000-memory.dmp

      Filesize

      2.0MB

      Download

    • memory/2512-19-0x00007FFFE50F0000-0x00007FFFE52E5000-memory.dmp

      Filesize

      2.0MB

      Download

    • memory/2512-21-0x00007FFFE50F0000-0x00007FFFE52E5000-memory.dmp

      Filesize

      2.0MB

      Download

    • memory/2512-4-0x00007FFFE50F0000-0x00007FFFE52E5000-memory.dmp

      Filesize

      2.0MB

      Download

    • memory/2512-3-0x00007FFFA5170000-0x00007FFFA5180000-memory.dmp

      Filesize

      64KB

      Download

    • memory/2512-1-0x00007FFFA5170000-0x00007FFFA5180000-memory.dmp

      Filesize

      64KB

      Download

    • memory/2512-2-0x00007FFFE50F0000-0x00007FFFE52E5000-memory.dmp

      Filesize

      2.0MB

      Download