Analysis

  • max time kernel
    92s
  • max time network
    170s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220812-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20220812-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    19/09/2022, 05:40

General

  • Target

    09ddfe4d694eed76e9f03889f91f20a9f87f063b1b6f765c5fef11eb6d886068.exe

  • Size

    2.6MB

  • MD5

    84f1e34a9209659ab2e2ec47e8468058

  • SHA1

    2a39f5d60613f7db405fd3a463ee7cd9888846bc

  • SHA256

    09ddfe4d694eed76e9f03889f91f20a9f87f063b1b6f765c5fef11eb6d886068

  • SHA512

    4f159ca90b46ab9e41a4b5670b92c41b4d76dc810eb79d6e43c47562b495dc01cab9ce3a39ab22c4b15ef36719d01be8fd8da2411a73f27ffab856597f1818e0

  • SSDEEP

    49152:FkHl0dxMbt0MRWgZdl0m++S9f0RPl0vxd83wZMl0kY/5FIkh/r:cl0AVWgPl0mQ9yPl0vxuNl0n5ic

Score
6/10

Malware Config

Signatures

  • Checks whether UAC is enabled (1 TTP, 1 IoC)
  • Modifies Internet Explorer settings (1 TTP, 45 IoCs)
  • Suspicious use of FindShellTrayWindow (1 IoC)
  • Suspicious use of SetWindowsHookEx (8 IoCs)
  • Suspicious use of WriteProcessMemory (3 IoCs)

Processes

  • C:\Users\Admin\AppData\Local\Temp\09ddfe4d694eed76e9f03889f91f20a9f87f063b1b6f765c5fef11eb6d886068.exe
    "C:\Users\Admin\AppData\Local\Temp\09ddfe4d694eed76e9f03889f91f20a9f87f063b1b6f765c5fef11eb6d886068.exe"
    1⤵
    • Checks whether UAC is enabled
    • Suspicious use of SetWindowsHookEx
    PID:396
  • C:\Program Files (x86)\Internet Explorer\ielowutil.exe
    "C:\Program Files (x86)\Internet Explorer\ielowutil.exe" -CLSID:{D5E8041D-920F-45e9-B8FB-B1DEB82C6E5E} -Embedding
    1⤵
      PID:4880
    • C:\Program Files\Internet Explorer\iexplore.exe
      "C:\Program Files\Internet Explorer\iexplore.exe" -startmediumtab -Embedding
      1⤵
      • Modifies Internet Explorer settings
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:4808
      • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
        "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:4808 CREDAT:17410 /prefetch:2
        2⤵
        • Modifies Internet Explorer settings
        • Suspicious use of SetWindowsHookEx
        PID:740
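
The process tree above is the part of this report worth reading closely: the only signatures attributed to the sample's own process (PID 396) are the UAC check and SetWindowsHookEx, while "Modifies Internet Explorer settings", FindShellTrayWindow and WriteProcessMemory all fire on the iexplore.exe broker (4808) and its content process (740). Both IE processes sit at depth 1 and carry -Embedding, which is how DCOM activates a COM server, so they were activated through the shell rather than spawned as children of the sample. The script below is an added example, not code from the report or the sandbox's own rule set: it re-derives signature hits of this shape from constructed Sysmon-style events and then splits them by PID so the sample's behaviour can be separated from IE's. The registry paths and API names each rule keys on (the EnableLUA value for the UAC check, HKCU\Software\Microsoft\Internet Explorer for the IE rule) are assumptions; the report lists signature names and IoC counts, not the IoCs themselves, and the sample events are constructed here.

```python
"""Re-derive sandbox-style behavioural signatures from raw events.

Added example, not part of the sandbox report or of the sandbox's rule set.
Trigger conditions below are assumptions: the report names the signatures
but does not publish the IoCs behind them.
"""
from collections import defaultdict
from dataclasses import dataclass

# Assumed trigger conditions for the signature names seen in the report.
UAC_VALUE = "HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Policies\\System\\EnableLUA"
IE_PREFIX = "HKCU\\Software\\Microsoft\\Internet Explorer\\"
SUSPICIOUS_APIS = {"SetWindowsHookEx", "FindShellTrayWindow", "WriteProcessMemory"}


@dataclass(frozen=True)
class Event:
    pid: int
    kind: str        # "RegQueryValue", "RegSetValue" or "ApiCall"
    target: str      # registry value path, or API name
    detail: str = "" # for WriteProcessMemory: the pid written into


def evaluate(events):
    """Map each signature name to the PIDs and IoCs that triggered it."""
    hits = defaultdict(lambda: {"pids": set(), "iocs": []})

    def add(sig, ev, ioc):
        hits[sig]["pids"].add(ev.pid)
        hits[sig]["iocs"].append(ioc)

    for ev in events:
        if ev.kind == "RegQueryValue" and ev.target.lower() == UAC_VALUE.lower():
            add("Checks whether UAC is enabled", ev, ev.target)
        elif ev.kind == "RegSetValue" and ev.target.lower().startswith(IE_PREFIX.lower()):
            add("Modifies Internet Explorer settings", ev, ev.target)
        elif ev.kind == "ApiCall" and ev.target in SUSPICIOUS_APIS:
            # A process writing its own memory is routine; only count
            # cross-process writes for WriteProcessMemory.
            if ev.target == "WriteProcessMemory" and ev.detail == str(ev.pid):
                continue
            ioc = f"{ev.target}({ev.detail})" if ev.detail else ev.target
            add(f"Suspicious use of {ev.target}", ev, ioc)

    return {sig: {"pids": sorted(h["pids"]), "iocs": h["iocs"]} for sig, h in hits.items()}


def attributed_to(hits, pid):
    """Signatures that fired on one specific PID, e.g. the sample itself."""
    return sorted(sig for sig, h in hits.items() if pid in h["pids"])


def summary_lines(hits):
    """Render hits in the same 'name (N IoCs)' shape as the report."""
    return [f"{sig} ({len(h['iocs'])} IoCs)" for sig, h in sorted(hits.items())]


# Constructed events mirroring the PIDs in the report's process tree:
# 396 = sample, 4808 = iexplore.exe broker, 740 = IE content process.
SAMPLE_EVENTS = [
    Event(396, "RegQueryValue", UAC_VALUE),
    Event(396, "ApiCall", "SetWindowsHookEx"),
    Event(396, "ApiCall", "WriteProcessMemory", "396"),   # self-write, ignored
    Event(4808, "RegSetValue", IE_PREFIX + "Main\\Window_Placement"),
    Event(4808, "RegSetValue", IE_PREFIX + "Recovery\\AdminActive"),
    Event(4808, "ApiCall", "FindShellTrayWindow"),
    Event(4808, "ApiCall", "SetWindowsHookEx"),
    Event(4808, "ApiCall", "WriteProcessMemory", "740"),  # broker -> content process
    Event(740, "RegSetValue", IE_PREFIX + "Main\\Window_Placement"),
    Event(740, "ApiCall", "SetWindowsHookEx"),
]

if __name__ == "__main__":
    hits = evaluate(SAMPLE_EVENTS)
    for line in summary_lines(hits):
        print(line)
    print("sample-only:", attributed_to(hits, 396))
```

Run stand-alone it prints the five signature names with their IoC counts and then the two that belong to PID 396 alone, which is the split a triage analyst should make before trusting the 6/10 score: everything the IE processes did here is what IE does when asked to open a tab.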

    Network

    MITRE ATT&CK Enterprise v6

    Downloads

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776

      Filesize

      471B

      MD5

      1520b1f0e8660cc8553264ce46871efd

      SHA1

      70c43f2c0b7599f782461590f8e1650a2df5dbfe

      SHA256

      8bb8dd5446da57093db31c10b4093a2378a9324f137d3eaa21ab0027e191c09e

      SHA512

      6ad8d5f620738988286981654070c9a4e2542f629f4e5245381143a2a88c98922145759ff8d90546e1a617639a7dd335ddca4aba5435fb216c01c705bc4f0be0

    • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776

      Filesize

      404B

      MD5

      d26c1447c4a46131d2ac1fea89afa391

      SHA1

      dfe2b0329a330c98b53f4f9b915b67d2db6d0310

      SHA256

      3ff74cd3fe1cc0693a049256a7436cfcc13f24ca1a9aec6e4620f526a44be24a

      SHA512

      80c575551e63949a0f522099122501023779ec22bd016e33cac6ab7b408a0a460b9e5ae05dfc2b72e6245e62bfab90589d6d4473d8871fa2bd86a6d1b52ba5dd

    • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\dqptnfu\imagestore.dat

      Filesize

      1KB

      MD5

      bbda4c403169f77f10bc6661e72457a4

      SHA1

      07e07217b7de61c0e6718b721cc0deda0ae2af67

      SHA256

      4edd59eaab74465f65f07b2c0ff64109cab13eaa829e785c10df97cc2c810089

      SHA512

      cc8e68734819555807b97b181dffba64cb464692097a3aaa5c3371f544a8d46ade912d972903440bf6e191b227247fdcebe5762891eeb6b054b7df32f94c4369