Analysis

  • max time kernel
    160s
  • max time network
    190s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220812-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20220812-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    04/10/2022, 01:11

General

  • Target

    de4bd677901ef7aef00fc2757bca1618c42c7e65ba0d4ad04af3d3fa516361ab.exe

  • Size

    84KB

  • MD5

    6831d43d092e52fd8095c4a192166bf0

  • SHA1

    d681fc48f45340a2860268df9e3481261e5c2e1f

  • SHA256

    de4bd677901ef7aef00fc2757bca1618c42c7e65ba0d4ad04af3d3fa516361ab

  • SHA512

    628038f70a7d225def15e30b97371d7360e53d145eb01ecf8039b4567bfd5f1bedb7fd462e5e2edb1a9a5be458c49e5a4bafae3b9b2da76d2b7b9ecf4faadea3

  • SSDEEP

    1536:UJwsHslhVsETri9gF8CIL7lpL2lwvgWC5fFG6ToSqkIXg02Qw:UJwNToCIL7OlGgWC5fFG6TVqkIXg02Qw

Score
7/10

Malware Config

Signatures

Processes

  • C:\Users\Admin\AppData\Local\Temp\de4bd677901ef7aef00fc2757bca1618c42c7e65ba0d4ad04af3d3fa516361ab.exe
    "C:\Users\Admin\AppData\Local\Temp\de4bd677901ef7aef00fc2757bca1618c42c7e65ba0d4ad04af3d3fa516361ab.exe"
    PID: 632
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of FindShellTrayWindow

Network

MITRE ATT&CK Enterprise v6

Downloads

  • memory/632-132-0x00007FF8A84E0000-0x00007FF8A8F16000-memory.dmp
    Filesize: 10.2MB
  • memory/632-133-0x00000000017BA000-0x00000000017BF000-memory.dmp
    Filesize: 20KB
  • memory/632-134-0x00000000017BA000-0x00000000017BF000-memory.dmp
    Filesize: 20KB
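
The memory-dump filenames above encode the dumping PID, a snapshot index and the virtual address range of the region. The following Python is an added example, not part of this report or of the sandbox's own tooling: it parses those names, recomputes each region's size from its address range, checks the result against the Filesize the report lists, and notes regions that were dumped more than once (entries 133 and 134 cover the same 20KB range). The split into "high-range" and "low-range" regions is a heuristic assumption of the example, based on where 64-bit Windows normally maps images versus where heap and other writable data tend to live; it is not a label from the report.

```python
import re
from dataclasses import dataclass

# Entries copied from the report's Downloads list: (dump name, reported Filesize).
REPORTED_DUMPS = [
    ("memory/632-132-0x00007FF8A84E0000-0x00007FF8A8F16000-memory.dmp", "10.2MB"),
    ("memory/632-133-0x00000000017BA000-0x00000000017BF000-memory.dmp", "20KB"),
    ("memory/632-134-0x00000000017BA000-0x00000000017BF000-memory.dmp", "20KB"),
]

# memory/<pid>-<index>-0x<start>-0x<end>-memory.dmp
DUMP_NAME = re.compile(
    r"^memory/(?P<pid>\d+)-(?P<idx>\d+)-0x(?P<start>[0-9A-Fa-f]+)-0x(?P<end>[0-9A-Fa-f]+)-memory\.dmp$"
)

# Assumption (heuristic, not from the report): user-mode addresses at or above
# 0x00007FF000000000 on x64 Windows are where system DLLs and other images are
# usually mapped; small regions at low addresses are typically heap/stack data.
HIGH_RANGE_START = 0x0000_7FF0_0000_0000


@dataclass(frozen=True)
class DumpRegion:
    pid: int
    index: int
    start: int
    end: int

    @property
    def size(self) -> int:
        return self.end - self.start

    def human_size(self) -> str:
        # Reproduce the report's unit style: one-decimal MB at or above 1 MiB,
        # whole KB below it.
        if self.size >= 1 << 20:
            return f"{self.size / (1 << 20):.1f}MB"
        return f"{self.size // 1024}KB"

    def kind(self) -> str:
        return "high-range" if self.start >= HIGH_RANGE_START else "low-range"


def parse_dump_name(name: str) -> DumpRegion:
    """Split a Downloads filename into PID, snapshot index and address range."""
    m = DUMP_NAME.match(name)
    if not m:
        raise ValueError(f"not a memory dump name: {name!r}")
    start, end = int(m["start"], 16), int(m["end"], 16)
    if end <= start:
        raise ValueError(f"end address not after start in {name!r}")
    return DumpRegion(int(m["pid"]), int(m["idx"]), start, end)


def check_report(entries):
    """Recompute each region's size, compare it with the listed Filesize and
    record whether the same (pid, range) was already dumped under an earlier
    index."""
    first_seen = {}
    results = []
    for name, reported in entries:
        region = parse_dump_name(name)
        key = (region.pid, region.start, region.end)
        results.append({
            "name": name,
            "pid": region.pid,
            "index": region.index,
            "size_bytes": region.size,
            "size_matches": region.human_size() == reported,
            "kind": region.kind(),
            "duplicate_of": first_seen.get(key),
        })
        first_seen.setdefault(key, region.index)
    return results


if __name__ == "__main__":
    for r in check_report(REPORTED_DUMPS):
        dup = f" (same range as dump {r['duplicate_of']})" if r["duplicate_of"] else ""
        status = "ok" if r["size_matches"] else "MISMATCH"
        print(f"pid {r['pid']} dump {r['index']}: {r['size_bytes']} bytes, "
              f"{r['kind']}, size {status}{dup}")
```

The 10.2MB region at 0x00007FF8A84E0000 is 0xA36000 bytes, which the script confirms matches the listed size; the two 20KB dumps are successive snapshots of one 0x5000-byte region, so a diff of those two files is the obvious next step when looking for data the process wrote between them.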