Resubmissions

03-05-2024 17:50

240503-wevyfacb4x 1

03-05-2024 17:46

240503-wchkbsca7s 1

03-05-2024 17:44

240503-wa5l3sca6t 5

03-05-2024 17:41

240503-v9lsksca4y 4

Analysis

  • max time kernel
    0s
  • max time network
    0s
  • platform
    windows7_x64
  • resource
    win7-20240215-en
  • resource tags

    arch:x64 arch:x86 image:win7-20240215-en locale:en-us os:windows7-x64 system
  • submitted
    03-05-2024 17:50

General

  • Target

    robux.odt

  • Size

    9KB

  • MD5

    0ab1ff409c5215b2b97a299edcf753f2

  • SHA1

    a3424453d8e75751b2299a0bd8bbe3e5e873ca55

  • SHA256

    1941bf7da16b22e0d2442c8436cf36f199103742a5bd6e505a5d9577066d8336

  • SHA512

    23a823ad3ea76d2bcd72832347905a72b8eb13a00b1fc7c099588d1bd4d95b327ad81a47088d332024d2ccd7dd1a2a45823be3b13c8167c61a3ed409a8679008

  • SSDEEP

    192:LqpauWyldy4VuvODsqR1SbONXDQZzkcQamD2hT58hRjIi:2JBQ4V9z/SbHZHfmQT0jIi

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 9 IoCs
  • Suspicious behavior: AddClipboardFormatListener 1 IoCs
  • Suspicious use of SetWindowsHookEx 2 IoCs

Processes

  • C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE
    "C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE" /n "C:\Users\Admin\AppData\Local\Temp\robux.odt"
    • Modifies Internet Explorer settings
    • Suspicious behavior: AddClipboardFormatListener
    • Suspicious use of SetWindowsHookEx
    PID:1540

Network

MITRE ATT&CK Enterprise v15

Downloads

  • memory/1540-0-0x000000002FD51000-0x000000002FD52000-memory.dmp

    Filesize

    4KB

  • memory/1540-1-0x000000005FFF0000-0x0000000060000000-memory.dmp

    Filesize

    64KB

  • memory/1540-2-0x00000000713ED000-0x00000000713F8000-memory.dmp

    Filesize

    44KB