Analysis
-
max time kernel
62s -
max time network
154s -
platform
windows10-2004_x64 -
resource
win10v2004-20220901-en -
resource tags
-
submitted
11-10-2022 08:47
General
-
Target
0d2c87d67eefe44751c99b28cfe91c921145ea8e01be1f7ab75044353d6177cc.exe
-
Size
212KB
-
MD5
7c183a11518654f66b173f4279c57e00
-
SHA1
8cd239e9dcc624914a90abbbee52995c78a233aa
-
SHA256
0d2c87d67eefe44751c99b28cfe91c921145ea8e01be1f7ab75044353d6177cc
-
SHA512
a3130b88698c5cbba0e8d1bfb8c4008226e2d6cf3d37bce2209d8b35753ff626560e68d65fe4db254553a565b1cb2395fa2d9efee32aad51648ac3a7b47d6853
-
SSDEEP
6144:RYR5tqnkNP+knH6o/r/rj5C0nXzT0U46hM5gGbME:OR5tHh+knaYXj57n/T41gGbX
Score
7/10
Malware Config
Signatures
-
Loads dropped DLL 1 IoCs
-
Drops file in System32 directory 1 IoCs
-
Program crash 1 IoCs
-
Suspicious use of SetWindowsHookEx 1 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\0d2c87d67eefe44751c99b28cfe91c921145ea8e01be1f7ab75044353d6177cc.exe"C:\Users\Admin\AppData\Local\Temp\0d2c87d67eefe44751c99b28cfe91c921145ea8e01be1f7ab75044353d6177cc.exe"1⤵
- Loads dropped DLL
- Drops file in System32 directory
- Suspicious use of SetWindowsHookEx
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 4908 -s 6202⤵
- Program crash
-
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -pss -s 408 -p 4908 -ip 49081⤵
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
175KB
MD5039dc06b6819e0baaa366179a980c9d8
SHA13e82aa9d8511d37b5b68b9733482213285213ba6
SHA2561ff2c6a258be86e56442df8d55779f785e685f7ec19b37b483a2f3e814bfeb3f
SHA512097615501b7f11888bf603f78d9176985ad836f10513d0e7f39835d3667f4f1719ae2f0fdd7f689c569645a49035e54b8b615f252021d8a826ffeb487bdd0eb4
-
Filesize
220KB
-
Filesize
164KB
-
Filesize
104KB
-
Filesize
220KB