Overview

overview

7

Static

static

64909e331e...54.exe

windows7-x64

7

64909e331e...54.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    42s
  • max time network
    46s
  • platform
    windows7_x64
  • resource
    win7-20220812-en
  • resource tags

    arch:x64arch:x86image:win7-20220812-enlocale:en-usos:windows7-x64system
  • submitted
    10/10/2022, 20:02

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    64909e331e0fabd99106e5d6756400822bd0e0ad78cc82ddfd721e269f074954.exe

  • Size

    5.4MB

  • MD5

    2c1a80c1a524e8528c1f0122e9fe636d

  • SHA1

    e709cdf113a01e053e0d48cd013adcb353e39ab2

  • SHA256

    64909e331e0fabd99106e5d6756400822bd0e0ad78cc82ddfd721e269f074954

  • SHA512

    b96fb31281053b35b55b082b5f949336ef9322c1027e1961283056a819f70fe2d5b36c64abbfb7612ffb729bd9491b6ac25d04198a2e316302d3d2247f6eb8f3

  • SSDEEP

    98304:oyYhN3rBSrjVbg3aszIJvPHXS/JBAUZLF:oH65c3a88S/JVB

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 1 IoCs
  • Suspicious use of AdjustPrivilegeToken 4 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\64909e331e0fabd99106e5d6756400822bd0e0ad78cc82ddfd721e269f074954.exe
    "C:\Users\Admin\AppData\Local\Temp\64909e331e0fabd99106e5d6756400822bd0e0ad78cc82ddfd721e269f074954.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of SetWindowsHookEx
    PID:1808

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • \Users\Admin\AppData\Local\Temp\gzip.dll
          Filesize

          29KB

          MD5

          8b3591965f623b219c0c528153746cab

          SHA1

          020961494fa0e08779b7aacf4422269935354f7d

          SHA256

          97ea3d99cf21123bc1aec72f9ded6a51ac659830392adfefd424eb799ab0219e

          SHA512

          6e547197d160c9ec13cf2384add1bb6753276e3dab97d951adba9257d6bf999720635a7b9d94a5ca8b94bdda2f25f36c5938d126bc3e46a358e1fad072132351

          Download Submit

        • memory/1808-54-0x0000000076171000-0x0000000076173000-memory.dmp

          Filesize

          8KB

          Download

        • memory/1808-56-0x00000000003B0000-0x00000000003DA000-memory.dmp

          Filesize

          168KB

          Download

        • memory/1808-57-0x0000000000400000-0x00000000009C1000-memory.dmp

          Filesize

          5.8MB

          Download

        • memory/1808-58-0x00000000003B0000-0x00000000003DA000-memory.dmp

          Filesize

          168KB

          Download

        • memory/1808-59-0x0000000000400000-0x00000000009C1000-memory.dmp

          Filesize

          5.8MB

          Download