dotEXE1.exe

General

Target: dotEXE1.exe
Filesize: 5MB
Completed: 25-11-2020 14:07
Score: 1/10
MD5: d8e3e53d1eb7b3cc029ccd1b4af18aaa
SHA1: 3e3057d6e140a8c7b29929b3982f3f27692635f6
SHA256: 9811501a32c5d39dfccc30ada4c5538602a53b94d19ba0d6323c830f8234d27c

Malware Config
Signatures 2

  • Modifies registry class
    dotEXE1.exe

    Reported IOCs

    description | ioc | process
    Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{4336a54d-038b-4685-ab02-99bb52d3fb8b}\Instance | dotEXE1.exe
    Key created | \REGISTRY\USER\S-1-5-21-1985363256-3005190890-1182679451-1000_Classes\WOW6432Node\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}\Instance | dotEXE1.exe
  • Suspicious use of SetWindowsHookEx
    dotEXE1.exe

    Reported IOCs

    pid | process
    636 | dotEXE1.exe
    636 | dotEXE1.exe
Processes 1
  • C:\Users\Admin\AppData\Local\Temp\dotEXE1.exe
    "C:\Users\Admin\AppData\Local\Temp\dotEXE1.exe"
    Modifies registry class
    Suspicious use of SetWindowsHookEx
    PID:636
Network
MITRE ATT&CK Matrix
  Collection, Command and Control, Credential Access, Defense Evasion, Discovery, Execution, Exfiltration, Impact, Initial Access, Lateral Movement, Persistence, Privilege Escalation