Overview

overview

3

Static

static

1

abcdefgRemus.zip

windows7-x64

1

abcdefgRemus.zip

windows10-2004-x64

1

blob/{3a30...}.blob

windows7-x64

3

blob/{3a30...}.blob

windows10-2004-x64

3

blob/{5b9c...}.blob

windows7-x64

3

blob/{5b9c...}.blob

windows10-2004-x64

3

images/{1d...f}.png

windows7-x64

3

images/{1d...f}.png

windows10-2004-x64

3

images/{21...d}.png

windows7-x64

3

images/{21...d}.png

windows10-2004-x64

3

images/{3b...c}.png

windows7-x64

3

images/{3b...c}.png

windows10-2004-x64

3

images/{91...0}.png

windows7-x64

3

images/{91...0}.png

windows10-2004-x64

3

images/{cd...6}.png

windows7-x64

3

images/{cd...6}.png

windows10-2004-x64

3

images/{ce...1}.png

windows7-x64

3

images/{ce...1}.png

windows10-2004-x64

3

project.xml

windows7-x64

3

project.xml

windows10-2004-x64

1

versions.xml

windows7-x64

3

versions.xml

windows10-2004-x64

1

Analysis

  • max time kernel
    148s
  • max time network
    151s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240802-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
  • submitted
    11/09/2024, 06:32

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    project.xml

  • Size

    1.9MB

  • MD5

    6c4df76b5f142db11e536d096c2097d9

  • SHA1

    044a3b0112c0eb52e035a405992f39a98d34cb87

  • SHA256

    e0edfb920ea6365eab889b68b9e016f46179f36081270ed84dc52488e7cae52f

  • SHA512

    def9ad3517da6d20bc78b326b2cf626acb3e9c0b869cc7db581d88fe0a5c709e8add4215f81056fc48ea11dd8510a6a2eaf8772ec150c3d78740a361cb27651b

  • SSDEEP

    1536:Jl+yPpM09f2K0gye4CmYD0Xlj/hSi4NftF:Nf2sWBx/+F

Score
1/10

Malware Config

Signatures

Processes

  • C:\Program Files\Microsoft Office\Root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\MSOXMLED.EXE
    "C:\Program Files\Microsoft Office\Root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\MSOXMLED.EXE" /verb open "C:\Users\Admin\AppData\Local\Temp\project.xml"
    1⤵
      PID:3292

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/3292-0-0x00007FF885E30000-0x00007FF885E40000-memory.dmp

      Filesize

      64KB

      Download

    • memory/3292-1-0x00007FF8C5E4D000-0x00007FF8C5E4E000-memory.dmp

      Filesize

      4KB

      Download

    • memory/3292-3-0x00007FF8C5DB0000-0x00007FF8C5FA5000-memory.dmp

      Filesize

      2.0MB

      Download

    • memory/3292-2-0x00007FF8C5DB0000-0x00007FF8C5FA5000-memory.dmp

      Filesize

      2.0MB

      Download

    • memory/3292-4-0x00007FF8C5DB0000-0x00007FF8C5FA5000-memory.dmp

      Filesize

      2.0MB

      Download