Analysis

  • max time kernel
    150s
  • max time network
    66s
  • platform
    windows7_x64
  • resource
    win7v20210408
  • submitted
    15-05-2021 08:02

General

  • Target

    aeca6bcf2db969cb99ee3819cba054507effe800e24c8db41bb5a29a24a89102.exe

  • Size

    1.4MB

  • MD5

    90b03eb797256517546b9cbbe3113f9c

  • SHA1

    f7028ca655cd4507bd37988c8ed4083af7310ef1

  • SHA256

    aeca6bcf2db969cb99ee3819cba054507effe800e24c8db41bb5a29a24a89102

  • SHA512

    5591d2a9dcbdbf69c0fb794bca2c89f30100f0c91a858f140c97f8a2b566a06b3bd8c8c5189926c9eb637822d2778dd468d7f5b4d571238be2fdeaeca827c85f

Score
8/10

Malware Config

Signatures

  • Adds policy Run key to start application 2 TTPs 4 IoCs
  • Adds Run key to start application 2 TTPs 4 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious behavior: RenamesItself 1 IoCs
  • Suspicious use of SetWindowsHookEx 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\aeca6bcf2db969cb99ee3819cba054507effe800e24c8db41bb5a29a24a89102.exe
    "C:\Users\Admin\AppData\Local\Temp\aeca6bcf2db969cb99ee3819cba054507effe800e24c8db41bb5a29a24a89102.exe"
    PID:1892
    • Adds policy Run key to start application
    • Adds Run key to start application
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious behavior: RenamesItself
    • Suspicious use of SetWindowsHookEx

Network

MITRE ATT&CK Matrix (ATT&CK v6)

  • Persistence: Registry Run Keys / Startup Folder, T1060 (2)
  • Defense Evasion: Modify Registry, T1112 (2)

Downloads

  • memory/1892-59-0x0000000000400000-0x0000000000434000-memory.dmp
    Filesize: 208KB