Analysis

  • max time kernel
    123s
  • max time network
    124s
  • platform
    windows7_x64
  • resource
    win7v20210410
  • submitted
    13-05-2021 12:56

General

  • Target

    4e512e401c0440949f3ce60077bf801af0585c24b67ef8d49b7012bd19f5d641.exe

  • Size

    2.9MB

  • MD5

    b55a50a92c2ed420a88d61df47d99a3f

  • SHA1

    943e9c8c919df6fe11635c51d86b2ad7e01493ae

  • SHA256

    4e512e401c0440949f3ce60077bf801af0585c24b67ef8d49b7012bd19f5d641

  • SHA512

    9376baac56030ca712c1529967bcd898a28ce63a8c2072566966b577b8d9d783336f88086342aa5b15947f2708c0931e375c66f2748931d41e9e965acf7635a4

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 1 IoCs
  • Suspicious behavior: EnumeratesProcesses 16 IoCs
  • Suspicious use of SetWindowsHookEx 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\4e512e401c0440949f3ce60077bf801af0585c24b67ef8d49b7012bd19f5d641.exe
    "C:\Users\Admin\AppData\Local\Temp\4e512e401c0440949f3ce60077bf801af0585c24b67ef8d49b7012bd19f5d641.exe"
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of SetWindowsHookEx
    PID:1088

Network

MITRE ATT&CK Matrix ATT&CK v6

Defense Evasion

Modify Registry

1
T1112

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/1088-59-0x00000000753B1000-0x00000000753B3000-memory.dmp
    Filesize

    8KB

  • memory/1088-60-0x0000000010000000-0x0000000010151000-memory.dmp
    Filesize

    1.3MB