Overview

overview

6

Static

static

f8bff527b3...e4.exe

windows7-x64

6

f8bff527b3...e4.exe

windows10-2004-x64

6

Analysis

  • max time kernel
    33s
  • max time network
    45s
  • platform
    windows7_x64
  • resource
    win7-20220812-en
  • resource tags

    arch:x64arch:x86image:win7-20220812-enlocale:en-usos:windows7-x64system
  • submitted
    11/10/2022, 18:39

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    f8bff527b30db739a528a138232de074e307b903547e93585ebd90e153868fe4.exe

  • Size

    713KB

  • MD5

    9ea168ac398c4772f1a542db8e5cf16e

  • SHA1

    8f4405b849e5aa934d761cf1c48c346cd3895e15

  • SHA256

    f8bff527b30db739a528a138232de074e307b903547e93585ebd90e153868fe4

  • SHA512

    f54d7b3b3d28af7f91fa219782c11eec7469efc80e01314a41e14c2b086e109da161e8d866c620b024a31b48e1d93698b0d98f511b9c22b715747a8306f4063b

  • SSDEEP

    12288:ekjLS4CMeHGiPt1Gt0MuhG5CYQp1EDnaaUxj7AEWoUkprBr:e4OdMemE1Gt0MuSClppLh/19r

Score
6/10
persistence

Malware Config

Signatures

  • Adds Run key to start application 2 TTPs 1 IoCs
    persistence
  • Suspicious use of FindShellTrayWindow 2 IoCs
  • Suspicious use of SendNotifyMessage 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\f8bff527b30db739a528a138232de074e307b903547e93585ebd90e153868fe4.exe
    "C:\Users\Admin\AppData\Local\Temp\f8bff527b30db739a528a138232de074e307b903547e93585ebd90e153868fe4.exe"
    1⤵
    • Adds Run key to start application
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    PID:1348

Network

        MITRE ATT&CK Enterprise v6

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • memory/1348-54-0x00000000750A1000-0x00000000750A3000-memory.dmp

          Filesize

          8KB

          Download