Analysis
-
max time kernel
16s -
max time network
17s -
platform
windows7_x64 -
resource
win7-20240708-en -
resource tags
-
submitted
17-10-2024 21:12
General
-
Target
56df6a72d9854e095045b2d43efb14e9e7049a3b289b371265a4a8612c2a3548.xlsm
-
Size
92KB
-
MD5
23a237ef6b3a4d4c8017316ce1fb7a44
-
SHA1
b282a9252b243e89b302ba1ec6dbed4fa2cb1447
-
SHA256
56df6a72d9854e095045b2d43efb14e9e7049a3b289b371265a4a8612c2a3548
-
SHA512
2401a000c9e378913bc64c09f19830836e6f61a1bcab36c5735e0be90aed3dd197fce58d29a75127845501010c48e94ffa42183b71b235a6055ebf03357c14da
-
SSDEEP
1536:CguZCa6S5khUIMFLu8d4znOSjhLzVubGa/M1NIpPkUlB7583fjncFYIIUUFy:CgugapkhlOLpaPjpzVw/Ms8ULavLcB
Score
3/10
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Office loads VBA resources, possible macro or embedded object present
-
Enumerates system info in registry 2 TTPs 1 IoCs
-
Suspicious behavior: AddClipboardFormatListener 1 IoCs
-
Suspicious use of SetWindowsHookEx 3 IoCs
Processes
-
C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE"C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE" /dde C:\Users\Admin\AppData\Local\Temp\56df6a72d9854e095045b2d43efb14e9e7049a3b289b371265a4a8612c2a3548.xlsm1⤵
- System Location Discovery: System Language Discovery
- Enumerates system info in registry
- Suspicious behavior: AddClipboardFormatListener
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
64KB
-
Filesize
44KB
-
Filesize
1024KB
-
Filesize
1024KB
-
Filesize
1024KB
-
Filesize
1024KB
-
Filesize
1024KB
-
Filesize
44KB
-
Filesize
1024KB
-
Filesize
1024KB
-
Filesize
1024KB
-
Filesize
1024KB