2f1a6b566dc0d2b8e5fcdcf67adc0be912f73fe14c27b262b610dfcd03cd4686

Submit
Reports

Overview

overview

Static

static

Downloads1...f5.exe

windows7_x64

Downloads1...f5.exe

windows10_x64

Downloads1...41.dll

windows7_x64

Downloads1...41.dll

windows10_x64

Downloads1...8b.exe

windows7_x64

Downloads1...8b.exe

windows10_x64

Downloads1...d2.exe

windows7_x64

Downloads1...d2.exe

windows10_x64

Downloads1...38.exe

windows7_x64

Downloads1...38.exe

windows10_x64

Downloads1...92.exe

windows7_x64

Downloads1...92.exe

windows10_x64

Downloads1...46.exe

windows7_x64

Downloads1...46.exe

windows10_x64

Downloads1...2f.exe

windows7_x64

Downloads1...2f.exe

windows10_x64

Downloads1...78.exe

windows7_x64

Downloads1...78.exe

windows10_x64

Downloads1...89.exe

windows7_x64

Downloads1...89.exe

windows10_x64

Downloads1...ee.exe

windows7_x64

Downloads1...ee.exe

windows10_x64

Downloads1...1a.exe

windows7_x64

Downloads1...1a.exe

windows10_x64

Downloads1...af.exe

windows7_x64

Downloads1...af.exe

windows10_x64

Downloads1...21.exe

windows7_x64

Downloads1...21.exe

windows10_x64

Downloads1...5f.exe

windows7_x64

Downloads1...5f.exe

windows10_x64

Downloads1...7c.exe

windows7_x64

Downloads1...7c.exe

windows10_x64

Analysis

max time kernel
22s
max time network
117s
platform
windows10_x64
resource
win10v20201028
submitted
15-03-2021 09:50

Sharing

Copy URL

Twitter E-mail

Static task

static1

miner xmrig

Behavioral task

behavioral1

Sample

Downloads1/07b439787a516e6298c347a672039e6932699d3e2c9cddaf31c1a325cae5b3f5.exe

Resource

win7v20201028

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

Downloads1/07b439787a516e6298c347a672039e6932699d3e2c9cddaf31c1a325cae5b3f5.exe

Resource

win10v20201028

windows10_x64

0 signatures

0 seconds

Behavioral task

behavioral3

Sample

Downloads1/24689a36a7f3427d98473599b6b73febe3f5c6b874fc7ec07d76fe4cdacf4041.dll

Resource

win7v20201028

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral4

Sample

Downloads1/24689a36a7f3427d98473599b6b73febe3f5c6b874fc7ec07d76fe4cdacf4041.dll

Resource

win10v20201028

windows10_x64

0 signatures

0 seconds

Behavioral task

behavioral5

Sample

Downloads1/2a299b9d8f0c05640b60bfceb4990661fbaa7154d0c688599e6afde72101a88b.exe

Resource

win7v20201028

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral6

Sample

Downloads1/2a299b9d8f0c05640b60bfceb4990661fbaa7154d0c688599e6afde72101a88b.exe

Resource

win10v20201028

windows10_x64

0 signatures

0 seconds

Behavioral task

behavioral7

Sample

Downloads1/2c69d3350203f1aa4c99848a097cf428fa6d748d28fb291a166710f78d6dd7d2.exe

Resource

win7v20201028

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral8

Sample

Downloads1/2c69d3350203f1aa4c99848a097cf428fa6d748d28fb291a166710f78d6dd7d2.exe

Resource

win10v20201028

windows10_x64

0 signatures

0 seconds

Behavioral task

behavioral9

Sample

Downloads1/339c67c2aaa2f7bc23ea77b1320a0dc43519a0561644c5bbc0b698c256cdf138.exe

Resource

win7v20201028

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral10

Sample

Downloads1/339c67c2aaa2f7bc23ea77b1320a0dc43519a0561644c5bbc0b698c256cdf138.exe

Resource

win10v20201028

windows10_x64

0 signatures

0 seconds

Behavioral task

behavioral11

Sample

Downloads1/484b0d880db7b05aa0b459e22c8c6f4dd1dd74f0731c46a24a1447b1f1a7ad92.exe

Resource

win7v20201028

gozi_ifsb banker trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral12

Sample

Downloads1/484b0d880db7b05aa0b459e22c8c6f4dd1dd74f0731c46a24a1447b1f1a7ad92.exe

Resource

win10v20201028

gozi_ifsb banker trojan

windows10_x64

0 signatures

0 seconds

Behavioral task

behavioral13

Sample

Downloads1/569c41122e32d220bfbaf714d360fa6238f44fe15dd398a5b4d2e05a57a02046.exe

Resource

win7v20201028

lokibot spyware stealer trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral14

Sample

Downloads1/569c41122e32d220bfbaf714d360fa6238f44fe15dd398a5b4d2e05a57a02046.exe

Resource

win10v20201028

lokibot spyware stealer trojan

windows10_x64

0 signatures

0 seconds

Behavioral task

behavioral15

Sample

Downloads1/5991d72ef8f2e3f623afc25c0129eb408d3f5e4494b5052a4009c0d9172e082f.exe

Resource

win7v20201028

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral16

Sample

Downloads1/5991d72ef8f2e3f623afc25c0129eb408d3f5e4494b5052a4009c0d9172e082f.exe

Resource

win10v20201028

windows10_x64

0 signatures

0 seconds

Behavioral task

behavioral17

Sample

Downloads1/5b712f3ced695dd1510320494ecac67b277c0b386ee465303504c89431f87c78.exe

Resource

win7v20201028

locky persistence ransomware

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral18

Sample

Downloads1/5b712f3ced695dd1510320494ecac67b277c0b386ee465303504c89431f87c78.exe

Resource

win10v20201028

locky persistence ransomware

windows10_x64

0 signatures

0 seconds

Behavioral task

behavioral19

Sample

Downloads1/61f2d6fa249bfd74e59d8f6d50191c62490fc690f7fb035fe2133b4566b38a89.exe

Resource

win7v20201028

agenttesla evasion keylogger persistence spyware stealer trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral20

Sample

Downloads1/61f2d6fa249bfd74e59d8f6d50191c62490fc690f7fb035fe2133b4566b38a89.exe

Resource

win10v20201028

agenttesla evasion keylogger persistence spyware stealer trojan

windows10_x64

0 signatures

0 seconds

Behavioral task

behavioral21

Sample

Downloads1/676b02d81ccb54835e6c176ca797757e4e61cd3d6dab30e91bc55bbb65471dee.exe

Resource

win7v20201028

evasion persistence spyware stealer trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral22

Sample

Downloads1/676b02d81ccb54835e6c176ca797757e4e61cd3d6dab30e91bc55bbb65471dee.exe

Resource

win10v20201028

evasion persistence spyware stealer trojan

windows10_x64

0 signatures

0 seconds

Behavioral task

behavioral23

Sample

Downloads1/7194aa3ef48725220516bc618aec8ab92ddef859de8f584a6a214ed9812e221a.exe

Resource

win7v20201028

trickbot kas89 banker trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral24

Sample

Downloads1/7194aa3ef48725220516bc618aec8ab92ddef859de8f584a6a214ed9812e221a.exe

Resource

win10v20201028

trickbot kas89 banker trojan

windows10_x64

0 signatures

0 seconds

Behavioral task

behavioral25

Sample

Downloads1/7682b842ed75b69e23c5deecf05a45ee79c723d98cfb6746380d748145bfc1af.exe

Resource

win7v20201028

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral26

Sample

Downloads1/7682b842ed75b69e23c5deecf05a45ee79c723d98cfb6746380d748145bfc1af.exe

Resource

win10v20201028

windows10_x64

0 signatures

0 seconds

Behavioral task

behavioral27

Sample

Downloads1/772d9f798c5e823b84daa0928beb65722bdddf42e8bb18256a50dbaea959c321.exe

Resource

win7v20201028

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral28

Sample

Downloads1/772d9f798c5e823b84daa0928beb65722bdddf42e8bb18256a50dbaea959c321.exe

Resource

win10v20201028

windows10_x64

0 signatures

0 seconds

Behavioral task

behavioral29

Sample

Downloads1/7c207a6ad28507e302b1165849b57a09695482d5c07bae27dcbba92a55163e5f.exe

Resource

win7v20201028

evasion persistence spyware stealer

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral30

Sample

Downloads1/7c207a6ad28507e302b1165849b57a09695482d5c07bae27dcbba92a55163e5f.exe

Resource

win10v20201028

evasion persistence spyware stealer

windows10_x64

0 signatures

0 seconds

Behavioral task

behavioral31

Sample

Downloads1/81de8fd03493d938e9acc7f226768847a5034f5dbea98bdfb2bca67facc1b27c.exe

Resource

win7v20201028

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral32

Sample

Downloads1/81de8fd03493d938e9acc7f226768847a5034f5dbea98bdfb2bca67facc1b27c.exe

Resource

win10v20201028

windows10_x64

0 signatures

0 seconds

Report Analysis Logs

General

Target

Downloads1/5991d72ef8f2e3f623afc25c0129eb408d3f5e4494b5052a4009c0d9172e082f.exe
Size

460KB
MD5

121b06ee87950d0faeea0ba5b9c0a4cd
SHA1

c450634b90cceac6f7393d38fea10453a6010dfe
SHA256

5991d72ef8f2e3f623afc25c0129eb408d3f5e4494b5052a4009c0d9172e082f
SHA512

147d4a4b84f3d746fa336dcf8b657dd1894b939792dd7d90a32d866f7e17d7090c63e393db6709a55533bd2dcbb3c7180c048bcbdaeed91bb62cdb9f288b4abe

Score

1^/10

Malware Config

Signatures

Suspicious use of SetWindowsHookEx 1 IoCs

Processes:

5991d72ef8f2e3f623afc25c0129eb408d3f5e4494b5052a4009c0d9172e082f.exe

pid process

4772 5991d72ef8f2e3f623afc25c0129eb408d3f5e4494b5052a4009c0d9172e082f.exe

pid	process
4772	5991d72ef8f2e3f623afc25c0129eb408d3f5e4494b5052a4009c0d9172e082f.exe

Processes

C:\Users\Admin\AppData\Local\Temp\Downloads1\5991d72ef8f2e3f623afc25c0129eb408d3f5e4494b5052a4009c0d9172e082f.exe
"C:\Users\Admin\AppData\Local\Temp\Downloads1\5991d72ef8f2e3f623afc25c0129eb408d3f5e4494b5052a4009c0d9172e082f.exe"
1⤵
- Suspicious use of SetWindowsHookEx
PID:4772

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/4772-4-0x00000000021D0000-0x00000000021D6000-memory.dmp

Filesize
24KB

Download