Analysis

  • max time kernel
    120s
  • max time network
    120s
  • platform
    windows7_x64
  • resource
    win7-en-20211014
  • submitted
    25-10-2021 07:35

General

  • Target

    2723cd6a89d485c90618b99420873285.exe

  • Size

    705KB

  • MD5

    2723cd6a89d485c90618b99420873285

  • SHA1

    8111dcfd12290dd39ce4baa3aed9ef705495187b

  • SHA256

    50d667296ecc8a26f57a74566a79145d69cda60f531dae565c13f2e8a8503aae

  • SHA512

    0e9c667dc0f717665b3a37df1fcdf69171c546a2f5b1c475b67a1e6f171f611ae6ef5f25dc4d72842000610c94457b10b9346a126220d002ead1caf51a7e6774

Score
10/10

Malware Config

Signatures

  • suricata: ET MALWARE AutoHotkey Downloader Checkin via IPLogger

  • Legitimate hosting services abused for malware hosting/C2 1 TTPs
  • Checks processor information in registry 2 TTPs 2 IoCs

    Processor information (typically the CPU name string, core count or clock speed under HKLM\HARDWARE\DESCRIPTION\System\CentralProcessor) is often read in order to detect sandbox or virtual-machine environments, where these values tend to look generic or unusually low.
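The following is an added example, not part of this sandbox report or the sample itself. It shows how the "Checks processor information in registry" behaviour surfaces in host telemetry: a Process Monitor CSV export (which, unlike Sysmon, records registry reads) is scanned for processes that query the CentralProcessor key. The log lines are constructed to resemble Procmon's CSV layout; the report does not list which specific keys or values the sample read, so the three reads attributed to PID 1552 below, the process allowlist and the read threshold are assumptions for illustration.

```python
r"""Detect CPU-fingerprinting registry reads in a Procmon CSV export.

Added example (not from the sandbox report). Flags processes that read
HKLM\HARDWARE\DESCRIPTION\System\CentralProcessor\<n>, the key malware
queries to decide whether it is running inside a sandbox or VM.
"""
import csv
import re
from collections import defaultdict

# Registry location queried to fingerprint the CPU. VM guests often expose a
# generic ProcessorNameString, a low core count or an odd ~MHz value here.
CPU_KEY_RE = re.compile(
    r"^HKLM\\HARDWARE\\DESCRIPTION\\System\\CentralProcessor\\\d+", re.I
)
# Procmon operations that read (rather than write) registry data.
READ_OPS = {"RegOpenKey", "RegQueryKey", "RegQueryValue", "RegEnumValue"}
# System processes that legitimately read these keys (assumed allowlist).
ALLOWLIST = {"svchost.exe", "wmiprvse.exe", "explorer.exe", "taskmgr.exe"}

# Constructed sample data in Procmon "File > Save > CSV" column layout.
SAMPLE_LOG = r""""Time of Day","Process Name","PID","Operation","Path","Result","Detail"
"7:35:12.0010000 AM","2723cd6a89d485c90618b99420873285.exe","1552","RegOpenKey","HKLM\HARDWARE\DESCRIPTION\System\CentralProcessor\0","SUCCESS","Desired Access: Query Value"
"7:35:12.0012000 AM","2723cd6a89d485c90618b99420873285.exe","1552","RegQueryValue","HKLM\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString","SUCCESS","Type: REG_SZ, Length: 60, Data: Intel(R) Core(TM) i7"
"7:35:12.0020000 AM","2723cd6a89d485c90618b99420873285.exe","1552","RegQueryValue","HKLM\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz","SUCCESS","Type: REG_DWORD, Length: 4, Data: 2400"
"7:35:12.0030000 AM","explorer.exe","1204","RegQueryValue","HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Hidden","SUCCESS","Type: REG_DWORD, Length: 4, Data: 1"
"7:35:12.0040000 AM","svchost.exe","800","RegQueryValue","HKLM\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz","SUCCESS","Type: REG_DWORD, Length: 4, Data: 2400"
"""


def parse_procmon_csv(text):
    """Parse a Procmon CSV export into a list of dicts keyed by column name."""
    rows = csv.reader(text.strip().splitlines())
    header = next(rows)
    return [dict(zip(header, row)) for row in rows]


def find_cpu_fingerprinting(text, min_reads=2, allowlist=ALLOWLIST):
    """Return non-allowlisted processes that read CPU keys at least
    `min_reads` times, as [{"process", "pid", "paths"}]."""
    reads = defaultdict(list)
    for ev in parse_procmon_csv(text):
        if ev["Operation"] not in READ_OPS:
            continue
        if not CPU_KEY_RE.match(ev["Path"]):
            continue
        reads[(ev["Process Name"], ev["PID"])].append(ev["Path"])

    hits = []
    for (proc, pid), paths in reads.items():
        if proc.lower() in allowlist or len(paths) < min_reads:
            continue
        hits.append({"process": proc, "pid": pid, "paths": paths})
    return hits


if __name__ == "__main__":
    for h in find_cpu_fingerprinting(SAMPLE_LOG):
        print(f"{h['process']} (PID {h['pid']}) read {len(h['paths'])} CPU keys:")
        for p in h["paths"]:
            print("   ", p)
```

The allowlist and threshold exist because CPU keys are also read by legitimate system components; on a real capture, tune both against a baseline of the same image before treating a hit as evasion.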

Processes

  • C:\Users\Admin\AppData\Local\Temp\2723cd6a89d485c90618b99420873285.exe
    "C:\Users\Admin\AppData\Local\Temp\2723cd6a89d485c90618b99420873285.exe"
    1⤵
    • Checks processor information in registry
    PID:1552

Network

MITRE ATT&CK Enterprise v6

Downloads

  • memory/1552-55-0x0000000001128000-0x0000000001195000-memory.dmp
    Filesize

    436KB

  • memory/1552-56-0x0000000001210000-0x00000000012DF000-memory.dmp
    Filesize

    828KB

  • memory/1552-57-0x0000000076531000-0x0000000076533000-memory.dmp
    Filesize

    8KB

  • memory/1552-58-0x0000000000400000-0x0000000001081000-memory.dmp
    Filesize

    12.5MB