Overview

overview

8

Static

static

59a89d4f4a...6e.exe

windows7_x64

8

59a89d4f4a...6e.exe

windows10-2004_x64

8

Analysis

  • max time kernel
    136s
  • max time network
    158s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220414-en
  • submitted
    07-07-2022 08:10

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    59a89d4f4afed5bce35533649cbe878f815a7da3befe2801b1c3d8d6aaad1c6e.exe

  • Size

    1.1MB

  • MD5

    46a1cd3444cd754930da7124b2707ff5

  • SHA1

    c325e3cc684e0d034a6e1d70b996bc232d3b29d6

  • SHA256

    59a89d4f4afed5bce35533649cbe878f815a7da3befe2801b1c3d8d6aaad1c6e

  • SHA512

    e6dd59931f110c1da2d10f61b3f43ad8d5ab829f74254e58699232d523f3e56e1c032eb510a2b4410b50c39e48848196ee57ccf3d14961bcc4694792df64f848

Score
8/10
aspackv2

Malware Config

Signatures

  • ASPack v2.12-2.42 2 IoCs

    Detects executables packed with ASPack v2.12-2.42

    aspackv2
  • Loads dropped DLL 2 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\59a89d4f4afed5bce35533649cbe878f815a7da3befe2801b1c3d8d6aaad1c6e.exe
    "C:\Users\Admin\AppData\Local\Temp\59a89d4f4afed5bce35533649cbe878f815a7da3befe2801b1c3d8d6aaad1c6e.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:4068

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\dskinengine.dll
    Filesize

    639KB

    MD5

    287dbe222adddb805b9c585e9d86f403

    SHA1

    6835673edc44328cdc3356f19c24e1d61ea76186

    SHA256

    2437f6da193f01b346df2dd90902ba1a151b83ce3e61c193f1d6ea7ddc86cd09

    SHA512

    150f4278fd57e791aa84c05a4e6f6863e126268a81708ce7776c231304f585ac0809d30b25c33177acc34b5738e50a4dfd9c2e08454537fd02558f0c27fa9d92

    Download Submit
  • C:\Users\Admin\AppData\Local\Temp\dskinengine.dll
    Filesize

    639KB

    MD5

    287dbe222adddb805b9c585e9d86f403

    SHA1

    6835673edc44328cdc3356f19c24e1d61ea76186

    SHA256

    2437f6da193f01b346df2dd90902ba1a151b83ce3e61c193f1d6ea7ddc86cd09

    SHA512

    150f4278fd57e791aa84c05a4e6f6863e126268a81708ce7776c231304f585ac0809d30b25c33177acc34b5738e50a4dfd9c2e08454537fd02558f0c27fa9d92

    Download Submit
  • memory/4068-132-0x00000000023A0000-0x00000000024F5000-memory.dmp
    Filesize

    1.3MB

    Download
  • memory/4068-133-0x0000000002550000-0x0000000002598000-memory.dmp
    Filesize

    288KB

    Download