Overview

overview

10

Static

static

7

Licenses/1...12.rtf

windows10-1703-x64

6

Licenses/1...12.rtf

windows10-1703-x64

1

Licenses/1...es.rtf

windows10-1703-x64

1

Licenses/1...ls.rtf

windows10-1703-x64

1

Licenses/1...ct.rtf

windows10-1703-x64

1

Licenses/1...rk.rtf

windows10-1703-x64

1

Licenses/1...ls.rtf

windows10-1703-x64

1

Licenses/1...ss.rtf

windows10-1703-x64

1

Licenses/1...R2.rtf

windows10-1703-x64

1

Licenses/1...DB.rtf

windows10-1703-x64

1

Licenses/1...LI.rtf

windows10-1703-x64

1

Licenses/1...ts.rtf

windows10-1703-x64

1

Licenses/1...ce.rtf

windows10-1703-x64

1

Licenses/1...ce.rtf

windows10-1703-x64

1

Licenses/1...om.rtf

windows10-1703-x64

1

Licenses/1...er.rtf

windows10-1703-x64

1

Licenses/s...se.rtf

windows10-1703-x64

1

Licenses/s...es.rtf

windows10-1703-x64

1

Setup.exe

windows10-1703-x64

10

Team Tools...es.dll

windows10-1703-x64

1

Team Tools...ge.exe

windows10-1703-x64

1

Team Tools...64.dll

windows10-1703-x64

1

Team Tools...10.dll

windows10-1703-x64

7

Team Tools...32.dll

windows10-1703-x64

1

Team Tools...10.dll

windows10-1703-x64

1

Team Tools...es.dll

windows10-1703-x64

1

Team Tools...UI.dll

windows10-1703-x64

1

Team Tools...ui.dll

windows10-1703-x64

1

Team Tools...ui.dll

windows10-1703-x64

1

Team Tools...ui.dll

windows10-1703-x64

1

Team Tools...ol.dll

windows10-1703-x64

1

Team Tools...er.dll

windows10-1703-x64

1

Analysis

  • max time kernel
    18s
  • max time network
    247s
  • platform
    windows10-1703_x64
  • resource
    win10-20240611-en
  • resource tags

    arch:x64arch:x86image:win10-20240611-enlocale:en-usos:windows10-1703-x64system
  • submitted
    30-06-2024 22:29

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Licenses/1049/SQLCmdLnUtils.rtf

  • Size

    34KB

  • MD5

    27f3d76b22cb7f572074d025f85f021a

  • SHA1

    41eed1c4929472f6759d5a0cf81cbf2e899f478a

  • SHA256

    1a27d91c40e96e84a68149413a3195e591de7bbd961128a94a618ad6326380b6

  • SHA512

    121f470665e25f85604648b0a990d6f076301c1dd38d4527a6e3a39258cec9eb0e73abef1701c1e2dbf15a66f09e8deb5b2e09bf84d2563b6e2257750aa3ac0f

  • SSDEEP

    768:f/J7np/ysZMV11pQ0eF5u2JKRTmrVeQW4zh+:pkmrkQW4zI

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: AddClipboardFormatListener 2 IoCs
  • Suspicious use of SetWindowsHookEx 2 IoCs

Processes

  • C:\Program Files\Microsoft Office\Root\Office16\WINWORD.EXE
    "C:\Program Files\Microsoft Office\Root\Office16\WINWORD.EXE" /n "C:\Users\Admin\AppData\Local\Temp\Licenses\1049\SQLCmdLnUtils.rtf" /o ""
    1⤵
    • Suspicious behavior: AddClipboardFormatListener
    • Suspicious use of SetWindowsHookEx
    PID:4640

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\TCD585F.tmp\sist02.xsl
    Filesize

    245KB

    MD5

    f883b260a8d67082ea895c14bf56dd56

    SHA1

    7954565c1f243d46ad3b1e2f1baf3281451fc14b

    SHA256

    ef4835db41a485b56c2ef0ff7094bc2350460573a686182bc45fd6613480e353

    SHA512

    d95924a499f32d9b4d9a7d298502181f9e9048c21dbe0496fa3c3279b263d6f7d594b859111a99b1a53bd248ee69b867d7b1768c42e1e40934e0b990f0ce051e

    Download Submit
  • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\fb3b0dbfee58fac8.customDestinations-ms
    Filesize

    3KB

    MD5

    cb17369bee21e9453b4740d904d3dd2a

    SHA1

    898a0bf95fe7803b5c8e868a15af26ad3477283f

    SHA256

    dd1ab8d96ee0b917dd00915aec8e86068f6c1c7b76b9317230426170039fd45d

    SHA512

    4c5fd00dd2fa150d53dbc077d88d52c3358ffb004bd32f71fd88c4dfadd7c06cee786967bcc44180471b090cffe986538fc177ac8fa23bf2a2b3a2520dd2b125

    Download Submit
  • memory/4640-3-0x00007FF942900000-0x00007FF942910000-memory.dmp
    Filesize

    64KB

    Download
  • memory/4640-1-0x00007FF982915000-0x00007FF982916000-memory.dmp
    Filesize

    4KB

    Download
  • memory/4640-9-0x00007FF982870000-0x00007FF982A4B000-memory.dmp
    Filesize

    1.9MB

    Download
  • memory/4640-20-0x00007FF93F9B0000-0x00007FF93F9C0000-memory.dmp
    Filesize

    64KB

    Download
  • memory/4640-10-0x00007FF982870000-0x00007FF982A4B000-memory.dmp
    Filesize

    1.9MB

    Download
  • memory/4640-4-0x00007FF982870000-0x00007FF982A4B000-memory.dmp
    Filesize

    1.9MB

    Download
  • memory/4640-2-0x00007FF942900000-0x00007FF942910000-memory.dmp
    Filesize

    64KB

    Download
  • memory/4640-192-0x00007FF982915000-0x00007FF982916000-memory.dmp
    Filesize

    4KB

    Download
  • memory/4640-0-0x00007FF942900000-0x00007FF942910000-memory.dmp
    Filesize

    64KB

    Download
  • memory/4640-15-0x00007FF982870000-0x00007FF982A4B000-memory.dmp
    Filesize

    1.9MB

    Download
  • memory/4640-14-0x00007FF982870000-0x00007FF982A4B000-memory.dmp
    Filesize

    1.9MB

    Download
  • memory/4640-16-0x00007FF982870000-0x00007FF982A4B000-memory.dmp
    Filesize

    1.9MB

    Download
  • memory/4640-19-0x00007FF93F9B0000-0x00007FF93F9C0000-memory.dmp
    Filesize

    64KB

    Download
  • memory/4640-193-0x00007FF982870000-0x00007FF982A4B000-memory.dmp
    Filesize

    1.9MB

    Download
  • memory/4640-17-0x00007FF982870000-0x00007FF982A4B000-memory.dmp
    Filesize

    1.9MB

    Download
  • memory/4640-13-0x00007FF982870000-0x00007FF982A4B000-memory.dmp
    Filesize

    1.9MB

    Download
  • memory/4640-5-0x00007FF942900000-0x00007FF942910000-memory.dmp
    Filesize

    64KB

    Download
  • memory/4640-8-0x00007FF982870000-0x00007FF982A4B000-memory.dmp
    Filesize

    1.9MB

    Download
  • memory/4640-18-0x00007FF982870000-0x00007FF982A4B000-memory.dmp
    Filesize

    1.9MB

    Download
  • memory/4640-194-0x00007FF982870000-0x00007FF982A4B000-memory.dmp
    Filesize

    1.9MB

    Download
  • memory/4640-195-0x00007FF982870000-0x00007FF982A4B000-memory.dmp
    Filesize

    1.9MB

    Download
  • memory/4640-196-0x00007FF982870000-0x00007FF982A4B000-memory.dmp
    Filesize

    1.9MB

    Download
  • memory/4640-6-0x00007FF982870000-0x00007FF982A4B000-memory.dmp
    Filesize

    1.9MB

    Download
  • memory/4640-197-0x00007FF982870000-0x00007FF982A4B000-memory.dmp
    Filesize

    1.9MB

    Download
  • memory/4640-203-0x00007FF982870000-0x00007FF982A4B000-memory.dmp
    Filesize

    1.9MB

    Download
  • memory/4640-204-0x00007FF982870000-0x00007FF982A4B000-memory.dmp
    Filesize

    1.9MB

    Download
  • memory/4640-7-0x00007FF982870000-0x00007FF982A4B000-memory.dmp
    Filesize

    1.9MB

    Download
  • memory/4640-756-0x00007FF982870000-0x00007FF982A4B000-memory.dmp
    Filesize

    1.9MB

    Download
  • memory/4640-755-0x00007FF982870000-0x00007FF982A4B000-memory.dmp
    Filesize

    1.9MB

    Download
  • memory/4640-754-0x00007FF942900000-0x00007FF942910000-memory.dmp
    Filesize

    64KB

    Download
  • memory/4640-753-0x00007FF942900000-0x00007FF942910000-memory.dmp
    Filesize

    64KB

    Download
  • memory/4640-752-0x00007FF942900000-0x00007FF942910000-memory.dmp
    Filesize

    64KB

    Download
  • memory/4640-751-0x00007FF942900000-0x00007FF942910000-memory.dmp
    Filesize

    64KB

    Download