Analysis

  • max time kernel
    92s
  • max time network
    154s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220812-en
  • resource tags
    arch:x64, arch:x86, image:win10v2004-20220812-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    20/10/2022, 15:57

General

  • Target

    3e214d7ce834b319bc0a524f8b91ebc1dfd55b28e410fbd2abce9c631c6e7dfe.exe

  • Size

    38KB

  • MD5

    5aab8275cd89ca4a43ae8aa446a6d8f0

  • SHA1

    9daf0211d06fdb69504d8fc233bffa5e26c5a992

  • SHA256

    3e214d7ce834b319bc0a524f8b91ebc1dfd55b28e410fbd2abce9c631c6e7dfe

  • SHA512

    f4d22a5adf38098903c3128cb9f63d75d0f3fd78edea86972dc77692d1669e19104ac89ab2507e1e7ce48b09f8145b79123e7a3ea95adda852e8709288531181

  • SSDEEP

    768:mumN9a3t9JG4qEm4WF8KDbZ5noyH6/hrwMw5:muI9ot9JGDnLZ5noyHQhs5

Score
8/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 1 IoCs
  • Drops file in System32 directory 3 IoCs
  • Suspicious behavior: RenamesItself 1 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\3e214d7ce834b319bc0a524f8b91ebc1dfd55b28e410fbd2abce9c631c6e7dfe.exe
    "C:\Users\Admin\AppData\Local\Temp\3e214d7ce834b319bc0a524f8b91ebc1dfd55b28e410fbd2abce9c631c6e7dfe.exe"
    • Drops file in System32 directory
    • Suspicious behavior: RenamesItself
    • Suspicious use of SetWindowsHookEx
    PID:4928
  • C:\Windows\SysWOW64\ceacgc.exe
    C:\Windows\SysWOW64\ceacgc.exe
    • Executes dropped EXE
    • Loads dropped DLL
    • Drops file in System32 directory
    • Suspicious use of SetWindowsHookEx
    PID:5036

Network

        Downloads

        • C:\Windows\SysWOW64\ceacgc.exe

          Filesize

          38KB

          MD5

          5aab8275cd89ca4a43ae8aa446a6d8f0

          SHA1

          9daf0211d06fdb69504d8fc233bffa5e26c5a992

          SHA256

          3e214d7ce834b319bc0a524f8b91ebc1dfd55b28e410fbd2abce9c631c6e7dfe

          SHA512

          f4d22a5adf38098903c3128cb9f63d75d0f3fd78edea86972dc77692d1669e19104ac89ab2507e1e7ce48b09f8145b79123e7a3ea95adda852e8709288531181

        • C:\Windows\SysWOW64\hra33.dll

          Filesize

          47KB

          MD5

          c07067a349ef4a0df683139a8db8ec20

          SHA1

          a7d8b5f867694bbf81f3c98708223955894bd1d3

          SHA256

          23d1bf0a860caac958e174e67d91d24e8603503deccc5de21f4db3249f3de6ab

          SHA512

          0ec1b24d7e775ab20ee7cf3833685f351d4c0806644821e6875f25c37ef5f0afe04dbff57c1b1c101e8059b2761b1d7d1518c070cd6c16662fc990cd24252a86