Overview

overview

7

Static

static

31e805d894...c3.exe

windows7-x64

7

31e805d894...c3.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    42s
  • max time network
    65s
  • platform
    windows7_x64
  • resource
    win7-20220812-en
  • resource tags

    arch:x64arch:x86image:win7-20220812-enlocale:en-usos:windows7-x64system
  • submitted
    09/10/2022, 20:37

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    31e805d89441e5ea3b67376eb628dce84286fe187e43f427ef0a605b51cefac3.exe

  • Size

    11.0MB

  • MD5

    4fbb70c334eac102e0b306b9e5eedd0c

  • SHA1

    1bd3fe602bff8184e262aa732d246a7f2d1c72e8

  • SHA256

    31e805d89441e5ea3b67376eb628dce84286fe187e43f427ef0a605b51cefac3

  • SHA512

    9d031dbd92172b2b36e4016d31954e47cc03d3edd7aa31889704c863f4a3bc3fc66ef6986a2f5b88e55df93f5597d4eb601a97744a6cbc9b9eb916ef66a13a67

  • SSDEEP

    196608:H3d2+uVZ37RhzA0eaPCO9V0vExngIC/MElo3+2bBkOqGBApyvKGJTCusDyoyD:Ht1S37Rm0eaPkvElgIuM33qXGqoKG3oa

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 5 IoCs
  • Suspicious use of SetWindowsHookEx 52 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\31e805d89441e5ea3b67376eb628dce84286fe187e43f427ef0a605b51cefac3.exe
    "C:\Users\Admin\AppData\Local\Temp\31e805d89441e5ea3b67376eb628dce84286fe187e43f427ef0a605b51cefac3.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of SetWindowsHookEx
    PID:1960

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • \Users\Admin\AppData\Local\Temp\E_N60005\eAPI.fne
          Filesize

          308KB

          MD5

          7c1ff88991f5eafab82b1beaefc33a42

          SHA1

          5ea338434c4c070aaf4e4e3952b4b08b551267bc

          SHA256

          53483523c316ad8c022c2b07a5cabfff3339bc5cb5e4ac24c3260eea4f4d9731

          SHA512

          310c90c82b545160420375c940b4d6176400e977f74048bfe2e0d0784bc167b361dc7aac149b8379f6e24050a253f321a6606295414ea9b68a563d59d0d17a48

          Download Submit

        • \Users\Admin\AppData\Local\Temp\E_N60005\eCompress.fne
          Filesize

          168KB

          MD5

          cec48a22d4498f8ecc9bc62d3c6cc2ef

          SHA1

          3c2118b210c43a05b51b93253d0f391df0b64ef5

          SHA256

          6392ec048d8977e4e67de0b93508561611da53ab8caad2acdf525739a6d79019

          SHA512

          de6855c961bbcd7f0b49ac2c0b8682d9acb9cf8ae91aa59071ce6f03982eca285ea330847b18e7ab7e5c2b736d08c11ccc20d8abe4d2b8de544d9179bb84c4dc

          Download Submit

        • \Users\Admin\AppData\Local\Temp\E_N60005\iext.fnr
          Filesize

          204KB

          MD5

          856495a1605bfc7f62086d482b502c6f

          SHA1

          86ecc67a784bc69157d664850d489aab64f5f912

          SHA256

          8c8254cb49f7287b97c7f952c81edabc9f11f3fa3f02f265e67d5741998cf0bf

          SHA512

          35a6e580cd362c64f1e1f9c3439660bd980ec437bd8cabbdc49479ceb833cd8cb6c82d2fb747516d5cfcf2af0ba540bc01640171fbe3b4d0e0a3eeeaa69dd1d9

          Download Submit

        • \Users\Admin\AppData\Local\Temp\E_N60005\iext3.fne
          Filesize

          384KB

          MD5

          d2a9c02acb735872261d2abc6aff7e45

          SHA1

          fce6c2cf2465856168ea55ccd806155199a6f181

          SHA256

          0216a0f6d6d5360ab487e696b26a39eb81a1e2c8cd7f59c054c90ab99a858daf

          SHA512

          c29a0669630ddf217d0a0dcd88272d1ec05b6e5cd7ab2eb9379bdc16efbc40a6c17cfd8a5dba21ce07060d54a2a3d8944aaa36a3b92e8025112a751d264a897d

          Download Submit

        • \Users\Admin\AppData\Local\Temp\E_N60005\krnln.fnr
          Filesize

          1.2MB

          MD5

          1eece63319e7c5f6718562129b1572f1

          SHA1

          089ea3a605639eb1292f6a2a9720f0b2801b0b6e

          SHA256

          4bed8a6e4e1548fddee40927b438132b47ef2aca6e9beb06b89fcf7714726310

          SHA512

          13537d1dd80fa87b6b908361957e8c434ca547a575c8c8aab43423063e60cb5523fb1843a467ae73db4a64d278c06b831551e78ae6d895201f7ef0c5b162c1ab

          Download Submit

        • memory/1960-55-0x00000000751A1000-0x00000000751A3000-memory.dmp

          Filesize

          8KB

          Download

        • memory/1960-57-0x0000000003AC0000-0x0000000003B2F000-memory.dmp

          Filesize

          444KB

          Download

        • memory/1960-60-0x0000000003C30000-0x0000000003C71000-memory.dmp

          Filesize

          260KB

          Download

        • memory/1960-63-0x0000000003DE0000-0x0000000003E19000-memory.dmp

          Filesize

          228KB

          Download

        • memory/1960-66-0x00000000040C0000-0x000000000411D000-memory.dmp

          Filesize

          372KB

          Download

        • memory/1960-68-0x0000000000400000-0x00000000009DF000-memory.dmp

          Filesize

          5.9MB

          Download