Analysis

  • max time kernel
    103s
  • max time network
    41s
  • platform
    windows7_x64
  • resource
    win7-20220812-en
  • resource tags

    arch:x64 arch:x86 image:win7-20220812-en locale:en-us os:windows7-x64 system
  • submitted
    22-09-2022 09:07

General

  • Target

    a70be25a1ef056cea5a71becfab562351acabd8b69c275d1ce22033a06782fc3.exe

  • Size

    5.0MB

  • MD5

    55c219f16a412fc1cdf61fd2ad031502

  • SHA1

    f9b63234aa29a69de11ddacacb64f7d579c1a144

  • SHA256

    a70be25a1ef056cea5a71becfab562351acabd8b69c275d1ce22033a06782fc3

  • SHA512

    3adfe2ac110143e4cb5e0f2589217153251d62de71d2febe3984150804e77a78ca76abdcd6a07610c8504a39b721846706f1bf1b8ad91efa5dfc7347d18cb8a7

  • SSDEEP

    98304:cNoMoRJBAUZLQ6T6F9628sPyYFivvKncMpzJOPm:qOJV86z28whivVm

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 1 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\a70be25a1ef056cea5a71becfab562351acabd8b69c275d1ce22033a06782fc3.exe
    "C:\Users\Admin\AppData\Local\Temp\a70be25a1ef056cea5a71becfab562351acabd8b69c275d1ce22033a06782fc3.exe"
    • Loads dropped DLL
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:784

Network

MITRE ATT&CK Matrix

Downloads

  • \Users\Admin\AppData\Local\Temp\E2EECore.2.3.0.dll

    Filesize

    8.2MB

    MD5

    b36c5ac6ebe053d9c9e638b688723f46

    SHA1

    63c51f04293e26a8a49fa04c5e0b342ffae5381f

    SHA256

    860394ea3a52757ce1a875e5a598c3c30752a673150df37b7c0e599f224f5877

    SHA512

    933f428911ed0e56fa201f124ab85f5383cf9ae3465516c8eaf4d2d63788ffd3812df67f3fd75a1304b26e4bcebc6bd84fa08563dd5b9c4727f86bf96a0d5a09

  • memory/784-54-0x0000000075FC1000-0x0000000075FC3000-memory.dmp

    Filesize

    8KB