40ba07f9761a6565642d7aae57f2f4622030e33fe80eb46a543446dcb8e3f1ca

Submit
Reports

Overview

overview

Static

static

04443c70d3...be.exe

windows7_x64

04443c70d3...be.exe

windows10_x64

05535d72f3...06.exe

windows7_x64

05535d72f3...06.exe

windows10_x64

1bec139d54...72.exe

windows7_x64

1bec139d54...72.exe

windows10_x64

1f670ff8cc...55.exe

windows7_x64

1f670ff8cc...55.exe

windows10_x64

2deaa0ec74...ea.exe

windows7_x64

2deaa0ec74...ea.exe

windows10_x64

372b929ae9...ef.dll

windows7_x64

372b929ae9...ef.dll

windows10_x64

38ee6bea62...15.exe

windows7_x64

38ee6bea62...15.exe

windows10_x64

437d91ce52...8f.exe

windows7_x64

437d91ce52...8f.exe

windows10_x64

447058c1c6...a8.exe

windows7_x64

447058c1c6...a8.exe

windows10_x64

5061c0b08d...03.exe

windows7_x64

5061c0b08d...03.exe

windows10_x64

5ed4b682ef...d4.exe

windows7_x64

5ed4b682ef...d4.exe

windows10_x64

6970600d21...b5.exe

windows7_x64

6970600d21...b5.exe

windows10_x64

72f528f9a6...92.exe

windows7_x64

72f528f9a6...92.exe

windows10_x64

73dcee7abe...99.exe

windows7_x64

73dcee7abe...99.exe

windows10_x64

7e118b534a...d2.exe

windows7_x64

7e118b534a...d2.exe

windows10_x64

8034fffb03...3c.exe

windows7_x64

8034fffb03...3c.exe

windows10_x64

Analysis

max time kernel
15s
max time network
103s
platform
windows10_x64
resource
win10v20201028
submitted
15-03-2021 09:49

Sharing

Copy URL

Twitter E-mail

Static task

static1

upx

Behavioral task

behavioral1

Sample

04443c70d34ded7f17d3a00b0f3f7309291dbcb7957a1c5664aab6c7886b17be.exe

Resource

win7v20201028

miner persistence upx

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

04443c70d34ded7f17d3a00b0f3f7309291dbcb7957a1c5664aab6c7886b17be.exe

Resource

win10v20201028

miner persistence upx

windows10_x64

0 signatures

0 seconds

Behavioral task

behavioral3

Sample

05535d72f3f98c73d9b660625e1b627b1bebbd15d7d4add4ecc492a2b0d67a06.exe

Resource

win7v20201028

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral4

Sample

05535d72f3f98c73d9b660625e1b627b1bebbd15d7d4add4ecc492a2b0d67a06.exe

Resource

win10v20201028

windows10_x64

0 signatures

0 seconds

Behavioral task

behavioral5

Sample

1bec139d54d147196c4e736d8dcf1f39d2bff390d59d5b240b4a97e03763cf72.exe

Resource

win7v20201028

discovery

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral6

Sample

1bec139d54d147196c4e736d8dcf1f39d2bff390d59d5b240b4a97e03763cf72.exe

Resource

win10v20201028

discovery

windows10_x64

0 signatures

0 seconds

Behavioral task

behavioral7

Sample

1f670ff8cca59a61aa0d58f297788916a6a9a318c1e7a3319367b6ffdc45c755.exe

Resource

win7v20201028

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral8

Sample

1f670ff8cca59a61aa0d58f297788916a6a9a318c1e7a3319367b6ffdc45c755.exe

Resource

win10v20201028

windows10_x64

0 signatures

0 seconds

Behavioral task

behavioral9

Sample

2deaa0ec7445c26f1442f860eb32f4fcda2d501699d09a94c26035d6185803ea.exe

Resource

win7v20201028

locky_lukitus ransomware

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral10

Sample

2deaa0ec7445c26f1442f860eb32f4fcda2d501699d09a94c26035d6185803ea.exe

Resource

win10v20201028

locky_lukitus ransomware

windows10_x64

0 signatures

0 seconds

Behavioral task

behavioral11

Sample

372b929ae9362bf357a3a8c5c968921f2c950094d928b2ed2cf94ea04bcfdbef.dll

Resource

win7v20201028

persistence spyware stealer upx

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral12

Sample

372b929ae9362bf357a3a8c5c968921f2c950094d928b2ed2cf94ea04bcfdbef.dll

Resource

win10v20201028

persistence spyware stealer upx

windows10_x64

0 signatures

0 seconds

Behavioral task

behavioral13

Sample

38ee6bea62658ae4fa75914261a5848a8db5b332ddfb52daf01e958871559e15.exe

Resource

win7v20201028

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral14

Sample

38ee6bea62658ae4fa75914261a5848a8db5b332ddfb52daf01e958871559e15.exe

Resource

win10v20201028

windows10_x64

0 signatures

0 seconds

Behavioral task

behavioral15

Sample

437d91ce52c0b54e125d28ea1bc6b5547183f04e40f9e487150be7862e61688f.exe

Resource

win7v20201028

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral16

Sample

437d91ce52c0b54e125d28ea1bc6b5547183f04e40f9e487150be7862e61688f.exe

Resource

win10v20201028

windows10_x64

0 signatures

0 seconds

Behavioral task

behavioral17

Sample

447058c1c6551c352895be7569e33c96384da3757303fc97004be45f56b4e9a8.exe

Resource

win7v20201028

upx

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral18

Sample

447058c1c6551c352895be7569e33c96384da3757303fc97004be45f56b4e9a8.exe

Resource

win10v20201028

upx

windows10_x64

0 signatures

0 seconds

Behavioral task

behavioral19

Sample

5061c0b08d522fdae45fc9285ac45fb96a4e80bd859867a0e988dfaeb2b33b03.exe

Resource

win7v20201028

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral20

Sample

5061c0b08d522fdae45fc9285ac45fb96a4e80bd859867a0e988dfaeb2b33b03.exe

Resource

win10v20201028

windows10_x64

0 signatures

0 seconds

Behavioral task

behavioral21

Sample

5ed4b682efcc4d63e5fc8a5f666f64e206e710dd408455d6061ddf3d8c95aed4.exe

Resource

win7v20201028

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral22

Sample

5ed4b682efcc4d63e5fc8a5f666f64e206e710dd408455d6061ddf3d8c95aed4.exe

Resource

win10v20201028

windows10_x64

0 signatures

0 seconds

Behavioral task

behavioral23

Sample

6970600d21285371d6a4fd6175b65b672b9b9aaea36353e1544f0672944c9fb5.exe

Resource

win7v20201028

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral24

Sample

6970600d21285371d6a4fd6175b65b672b9b9aaea36353e1544f0672944c9fb5.exe

Resource

win10v20201028

windows10_x64

0 signatures

0 seconds

Behavioral task

behavioral25

Sample

72f528f9a6bb7e6ccf45d9e25e77badb6e9fd8533c0fd8dac26a087347ff8592.exe

Resource

win7v20201028

persistence upx

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral26

Sample

72f528f9a6bb7e6ccf45d9e25e77badb6e9fd8533c0fd8dac26a087347ff8592.exe

Resource

win10v20201028

persistence upx

windows10_x64

0 signatures

0 seconds

Behavioral task

behavioral27

Sample

73dcee7abeca24a9170f800d069e80283b9ea1bd7cc6fbabdf55c613897f9699.exe

Resource

win7v20201028

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral28

Sample

73dcee7abeca24a9170f800d069e80283b9ea1bd7cc6fbabdf55c613897f9699.exe

Resource

win10v20201028

windows10_x64

0 signatures

0 seconds

Behavioral task

behavioral29

Sample

7e118b534abb919903bc15b33f5fe2db15a54f7f39a7abc87c61e4617f35c0d2.exe

Resource

win7v20201028

xmrig miner upx

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral30

Sample

7e118b534abb919903bc15b33f5fe2db15a54f7f39a7abc87c61e4617f35c0d2.exe

Resource

win10v20201028

xmrig miner upx

windows10_x64

0 signatures

0 seconds

Behavioral task

behavioral31

Sample

8034fffb03faec5aa94d3c16cdb98dfbcce06e8f8f7a278f7c30cff0398ea03c.exe

Resource

win7v20201028

imminent evasion spyware trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral32

Sample

8034fffb03faec5aa94d3c16cdb98dfbcce06e8f8f7a278f7c30cff0398ea03c.exe

Resource

win10v20201028

imminent evasion spyware trojan

windows10_x64

0 signatures

0 seconds

Report Analysis Logs

General

Target

5061c0b08d522fdae45fc9285ac45fb96a4e80bd859867a0e988dfaeb2b33b03.exe
Size

1001KB
MD5

36882198e11da2783e28b84eed923fca
SHA1

7b438dcc035151bdec22ff1c879ec0461ebad8fd
SHA256

5061c0b08d522fdae45fc9285ac45fb96a4e80bd859867a0e988dfaeb2b33b03
SHA512

cae626bd2810c171e73256e4553d9558b40fa98afca46b31dbb6fd81ebe70eaf2c16ec23f17f2fb41553bea7b21b1868ea867904e4ed2b479ae2c985fbc4d8f2

Score

1^/10

Malware Config

Signatures

Suspicious use of SetWindowsHookEx 2 IoCs

Processes:

5061c0b08d522fdae45fc9285ac45fb96a4e80bd859867a0e988dfaeb2b33b03.exe

pid	process
4808	5061c0b08d522fdae45fc9285ac45fb96a4e80bd859867a0e988dfaeb2b33b03.exe
4808	5061c0b08d522fdae45fc9285ac45fb96a4e80bd859867a0e988dfaeb2b33b03.exe

Processes

C:\Users\Admin\AppData\Local\Temp\5061c0b08d522fdae45fc9285ac45fb96a4e80bd859867a0e988dfaeb2b33b03.exe
"C:\Users\Admin\AppData\Local\Temp\5061c0b08d522fdae45fc9285ac45fb96a4e80bd859867a0e988dfaeb2b33b03.exe"
1⤵
- Suspicious use of SetWindowsHookEx
PID:4808

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/4808-2-0x00000000006A0000-0x00000000006A1000-memory.dmp

Filesize
4KB

Download