Overview

overview

7

Static

static

0827a24c84...a5.exe

windows7-x64

7

0827a24c84...a5.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    43s
  • max time network
    46s
  • platform
    windows7_x64
  • resource
    win7-20220812-en
  • resource tags

    arch:x64arch:x86image:win7-20220812-enlocale:en-usos:windows7-x64system
  • submitted
    14/10/2022, 20:19

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    0827a24c8448b9b596a543250df482608f789c631c1c05d6e0ef501ebd936aa5.exe

  • Size

    2.6MB

  • MD5

    88b0f8aee34bca2b28e4d1987ff6d583

  • SHA1

    b26223e51ba72c3c54a6dce3e014c6b5823c8215

  • SHA256

    0827a24c8448b9b596a543250df482608f789c631c1c05d6e0ef501ebd936aa5

  • SHA512

    9feb4312bd084c8c88b1e8f1377b10e7009166103b6ebbce86700a74f3a6a7e745a655460f7b051a7665a7b94c5b2a53b6de0a2866586496b27abf35e433ceec

  • SSDEEP

    49152:LhAU5iKvAjHc/j3aDSAxo7Y+Dv1O5Mi+EfqsRudSNMiHiihbK2PiS/ehDx:aUoe4HIj3aDjctdGX+u/RKIjZK2PNIx

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 6 IoCs
  • Suspicious use of SetWindowsHookEx 64 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\0827a24c8448b9b596a543250df482608f789c631c1c05d6e0ef501ebd936aa5.exe
    "C:\Users\Admin\AppData\Local\Temp\0827a24c8448b9b596a543250df482608f789c631c1c05d6e0ef501ebd936aa5.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of SetWindowsHookEx
    PID:1980

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • \Users\Admin\AppData\Local\Temp\E_N60005\ExtMenu.fnr
          Filesize

          188KB

          MD5

          815f7b24563a687ac83d177487463171

          SHA1

          3fa8bcd99cebee884856c99f95f85f409fccd4ca

          SHA256

          60b2b63afe9f1f8b30acd7d947665c45907006a557e217f2df606345459abdc3

          SHA512

          1f72231f285db33ac074bace4c0c9577f806378a695e2db07a7fd4e1327e51886cc04b9b83b61e3abf349c6cfc6014cee5a78b6c867f7dc91a63ebfe461595b2

          Download Submit

        • \Users\Admin\AppData\Local\Temp\E_N60005\YunPDFView.fne
          Filesize

          1.6MB

          MD5

          c37b18327c3582325821f32e32f4cb8c

          SHA1

          250b69edf131f9977f901932cdd6138d6ebbda90

          SHA256

          f8fea4345d10c6768cb3328cb0629632f4719df3e6c2787b1d3809673b6d63ce

          SHA512

          1b88ca6f185e310b1a16db38bd1a97ff9d3822a229827ac2c61e4b6c62f56e07f094577b8105a6b49349f2ecf2b07714f24cb865624152941653f69247cec798

          Download Submit

        • \Users\Admin\AppData\Local\Temp\E_N60005\eGrid.fne
          Filesize

          404KB

          MD5

          9c80fda2e1e98f3ab0873a2ea3e6be7f

          SHA1

          6eac9c5ef36a4d799bdf683823a4f3e912f4f470

          SHA256

          0a12fcbe6832aad4143dd2ad87a60e9ff4f04fa440831f910557f820ba21fe18

          SHA512

          3300f22c26fe25480b7f01d90a80d53df572f80aa1b0e9a2dfa9098b634890895fbfbb2c17224d3c0a63001785f0ae1f4e1458293047c559c50213699285503f

          Download Submit

        • \Users\Admin\AppData\Local\Temp\E_N60005\iext.fnr
          Filesize

          204KB

          MD5

          856495a1605bfc7f62086d482b502c6f

          SHA1

          86ecc67a784bc69157d664850d489aab64f5f912

          SHA256

          8c8254cb49f7287b97c7f952c81edabc9f11f3fa3f02f265e67d5741998cf0bf

          SHA512

          35a6e580cd362c64f1e1f9c3439660bd980ec437bd8cabbdc49479ceb833cd8cb6c82d2fb747516d5cfcf2af0ba540bc01640171fbe3b4d0e0a3eeeaa69dd1d9

          Download Submit

        • \Users\Admin\AppData\Local\Temp\E_N60005\krnln.fnr
          Filesize

          1.2MB

          MD5

          e751a0e5a8cdb5477e7979d7b471426f

          SHA1

          815b415379fdbace8b3f3d1d45482fc45a8948f1

          SHA256

          7e94037fca451f2b7bf82d0cfbdd7b64bc24df07e9c09f762352d4eea5fcd92e

          SHA512

          1030dd2234bf2bf0433556ae439f858867bd5874ca809bd34e0df1d122a60db7aa12e7688b09bef5f916b406f1b2170f32d3e274527ccb843acb9fff42022b3c

          Download Submit

        • \Users\Admin\AppData\Local\Temp\E_N60005\spec.fne
          Filesize

          72KB

          MD5

          bd6eef5ea9a52a412a8f57490d8bd8e4

          SHA1

          ab61ad7f66c5f6dfb8d28eba1833591469951870

          SHA256

          0c9e6eb8648f4bf5c585d5344035e91c3249bb9686a302503b4681b7ba828dc0

          SHA512

          1c43e50270eed071c8ef35e1c4695a93b9f98e668d4aebb44eb3b620efd2624b381554d2daf2d017f764b485e060abd589216043adea19eac94028ce66cc2025

          Download Submit

        • memory/1980-57-0x0000000002560000-0x00000000025D5000-memory.dmp

          Filesize

          468KB

          Download

        • memory/1980-63-0x0000000001DD0000-0x0000000001E0F000-memory.dmp

          Filesize

          252KB

          Download

        • memory/1980-60-0x0000000000290000-0x00000000002D1000-memory.dmp

          Filesize

          260KB

          Download

        • memory/1980-66-0x0000000002C20000-0x0000000002DC8000-memory.dmp

          Filesize

          1.7MB

          Download

        • memory/1980-55-0x0000000076031000-0x0000000076033000-memory.dmp

          Filesize

          8KB

          Download

        • memory/1980-69-0x0000000002600000-0x0000000002617000-memory.dmp

          Filesize

          92KB

          Download

        • memory/1980-70-0x0000000000400000-0x00000000004AC000-memory.dmp

          Filesize

          688KB

          Download