Overview

overview

8

Static

static

8

0b569850b8...cd.doc

windows7-x64

4

0b569850b8...cd.doc

windows10-2004-x64

1

Analysis

  • max time kernel
    149s
  • max time network
    153s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240704-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240704-enlocale:en-usos:windows10-2004-x64system
  • submitted
    04-07-2024 19:49

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    0b569850b8cb6ddcdb1c8fbfce4d8f123ddcf26bf8ac339c1da6c83d92c34ccd.doc

  • Size

    37KB

  • MD5

    be087bc1705507e27e92a7ab6b103460

  • SHA1

    0b8c3b1792e94f6865e1f626e65daf38d56d802a

  • SHA256

    0b569850b8cb6ddcdb1c8fbfce4d8f123ddcf26bf8ac339c1da6c83d92c34ccd

  • SHA512

    c2c1b645043ae75fc810da07b607a0897de4fa1cf506f68e022ce5ccbf1d97e51ffd6af11b48c4ff6ba106ffd78a8b89efb11f19cf886362441367eab1803432

  • SSDEEP

    768:wlMeJY5xmZ83Mb6SeRm9nKkjhT3YZwS1yw3Ys4:wAe09mlHV3YZwS1yw3Ys4

Score
1/10

Malware Config

Signatures

  • Checks processor information in registry 2 TTPs 3 IoCs

    Processor information is often read in order to detect sandboxing environments.

  • Enumerates system info in registry 2 TTPs 3 IoCs
  • Suspicious behavior: AddClipboardFormatListener 2 IoCs
  • Suspicious use of SetWindowsHookEx 16 IoCs

Processes

  • C:\Program Files\Microsoft Office\Root\Office16\WINWORD.EXE
    "C:\Program Files\Microsoft Office\Root\Office16\WINWORD.EXE" /n "C:\Users\Admin\AppData\Local\Temp\0b569850b8cb6ddcdb1c8fbfce4d8f123ddcf26bf8ac339c1da6c83d92c34ccd.doc" /o ""
    1⤵
    • Checks processor information in registry
    • Enumerates system info in registry
    • Suspicious behavior: AddClipboardFormatListener
    • Suspicious use of SetWindowsHookEx
    PID:60

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/60-0-0x00007FFC928F0000-0x00007FFC92900000-memory.dmp

    Filesize

    64KB

    Download

  • memory/60-2-0x00007FFC928F0000-0x00007FFC92900000-memory.dmp

    Filesize

    64KB

    Download

  • memory/60-1-0x00007FFC928F0000-0x00007FFC92900000-memory.dmp

    Filesize

    64KB

    Download

  • memory/60-3-0x00007FFC928F0000-0x00007FFC92900000-memory.dmp

    Filesize

    64KB

    Download

  • memory/60-4-0x00007FFC928F0000-0x00007FFC92900000-memory.dmp

    Filesize

    64KB

    Download

  • memory/60-5-0x00007FFCD290D000-0x00007FFCD290E000-memory.dmp

    Filesize

    4KB

    Download

  • memory/60-6-0x00007FFCD2870000-0x00007FFCD2A65000-memory.dmp

    Filesize

    2.0MB

    Download

  • memory/60-8-0x00007FFCD2870000-0x00007FFCD2A65000-memory.dmp

    Filesize

    2.0MB

    Download

  • memory/60-7-0x00007FFCD2870000-0x00007FFCD2A65000-memory.dmp

    Filesize

    2.0MB

    Download

  • memory/60-9-0x00007FFC907E0000-0x00007FFC907F0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/60-11-0x00007FFCD2870000-0x00007FFCD2A65000-memory.dmp

    Filesize

    2.0MB

    Download

  • memory/60-10-0x00007FFCD2870000-0x00007FFCD2A65000-memory.dmp

    Filesize

    2.0MB

    Download

  • memory/60-12-0x00007FFCD2870000-0x00007FFCD2A65000-memory.dmp

    Filesize

    2.0MB

    Download

  • memory/60-14-0x00007FFCD2870000-0x00007FFCD2A65000-memory.dmp

    Filesize

    2.0MB

    Download

  • memory/60-15-0x00007FFC907E0000-0x00007FFC907F0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/60-13-0x00007FFCD2870000-0x00007FFCD2A65000-memory.dmp

    Filesize

    2.0MB

    Download

  • memory/60-32-0x00007FFCD2870000-0x00007FFCD2A65000-memory.dmp

    Filesize

    2.0MB

    Download