Resubmissions

15-02-2021 18:58

210215-b4395dk5gj 8

15-02-2021 15:23

210215-hzn6eppy4j 10

Analysis

  • max time kernel
    1774s
  • max time network
    1774s
  • platform
    windows10_x64
  • resource
    win10v20201028
  • submitted
    15-02-2021 18:58

General

  • Target

    d16c33acbb708fd0daf6360fb293f453.exe

  • Size

    952KB

  • MD5

    d16c33acbb708fd0daf6360fb293f453

  • SHA1

    d5cea93c11983dbe82a6aee4cd26a0afb28b927a

  • SHA256

    e8b23f70120b69886cd4ec64fc1dea36c4c9d6ee0d07d31c83e34e4a56ede56f

  • SHA512

    cfd8767c57313e40d109f9af433fbce2a5498a295a950b967874e79825bace578c9a42eeebb908e9eb7c6c1bc9ad0dd807e2cd6a62b98917933a3034d31b518e

Score
8/10

Malware Config

Signatures

  • Dave packer 1 IoCs

    Detects executable packed with a packer named 'Dave' from the community, due to a string at the end of it.

  • Suspicious use of SetWindowsHookEx 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\d16c33acbb708fd0daf6360fb293f453.exe
    "C:\Users\Admin\AppData\Local\Temp\d16c33acbb708fd0daf6360fb293f453.exe"
    • Suspicious use of SetWindowsHookEx
    PID:1152

Network

MITRE ATT&CK Matrix

Downloads

  • memory/1152-2-0x0000000002300000-0x000000000232F000-memory.dmp

    Filesize

    188KB

  • memory/1152-4-0x0000000002330000-0x000000000235E000-memory.dmp

    Filesize

    184KB

  • memory/1152-3-0x00000000022D0000-0x00000000022FD000-memory.dmp

    Filesize

    180KB

  • memory/1152-5-0x00000000036D0000-0x0000000003AD0000-memory.dmp

    Filesize

    4.0MB