Overview

overview

10

Static

static

5

tkraw_Protected99.exe

windows7_x64

10

tkraw_Protected99.exe

windows10-2004_x64

7

Analysis

  • max time kernel
    73s
  • max time network
    130s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220331-en
  • submitted
    31-03-2022 21:55

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    tkraw_Protected99.exe

  • Size

    1.9MB

  • MD5

    71826ba081e303866ce2a2534491a2f7

  • SHA1

    b482d64a43f6bfbf758166ecba680b7f0c59a4f7

  • SHA256

    62099532750dad1054b127689680c38590033fa0bdfa4fb40c7b4dcb2607fb11

  • SHA512

    c1a3092eb4194fc777f9d681ad2ee98e1a28d9c6decded8f9054806fa4e94c0aaf9d66186c616cca4b5d2111868a3f79a54e4e7b84335579082eeedc7cee372d

Score
7/10

Malware Config

Signatures

  • Drops startup file 1 IoCs
  • Suspicious use of FindShellTrayWindow 3 IoCs
  • Suspicious use of SendNotifyMessage 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\tkraw_Protected99.exe
    "C:\Users\Admin\AppData\Local\Temp\tkraw_Protected99.exe"
    1⤵
    • Drops startup file
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    PID:4212

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads