Overview

overview

8

Static

static

617a954ca3...32.exe

windows7-x64

8

617a954ca3...32.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    43s
  • max time network
    47s
  • platform
    windows7_x64
  • resource
    win7-20220901-en
  • resource tags

    arch:x64arch:x86image:win7-20220901-enlocale:en-usos:windows7-x64system
  • submitted
    20/10/2022, 17:08

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    617a954ca3243a067efab3543dbb901e6f1a5a0c911f281629acbaa3ab859232.exe

  • Size

    412KB

  • MD5

    a0693a04cc76ad0a6116f1f925d903c0

  • SHA1

    c826a24b0d466e70bc3367d61eadab7682556e20

  • SHA256

    617a954ca3243a067efab3543dbb901e6f1a5a0c911f281629acbaa3ab859232

  • SHA512

    c2569373aa50fa9d3040d824db234e9c31f3d2249362b59e3e81c486fefa49ffbc181f4d94c8f649f4be124be92f05075cc428c21248dd91c173793b28606409

  • SSDEEP

    6144:g6f6p0X4qumAxSRLnoPhL20gKc1ilJPZNkCLNr3Kr/u2x58uncuCKWYyYCcFV4ry:0p06UI9gKcaLLSdCKqYCemfxDIz

Score
8/10

Malware Config

Signatures

  • Drops file in Drivers directory 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 2 IoCs
  • Drops file in Program Files directory 1 IoCs
  • Suspicious use of SetWindowsHookEx 8 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\617a954ca3243a067efab3543dbb901e6f1a5a0c911f281629acbaa3ab859232.exe
    "C:\Users\Admin\AppData\Local\Temp\617a954ca3243a067efab3543dbb901e6f1a5a0c911f281629acbaa3ab859232.exe"
    1⤵
    • Drops file in Drivers directory
    • Loads dropped DLL
    • Drops file in Program Files directory
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1672
    • \??\c:\program files\Realplayer\meter\requires.exe
      "c:\program files\Realplayer\meter\requires.exe" "33201"
      2⤵
      • Executes dropped EXE
      • Suspicious use of SetWindowsHookEx
      PID:1576

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Program Files\Realplayer\meter\requires.exe
          Filesize

          412KB

          MD5

          fbab42937c76f989e7c0af16f8906936

          SHA1

          940fc1fff39ff60658a1bf9bda6a47d8dc80ff70

          SHA256

          b7cb9c56227bf100e10142ab492aad67226a317a10bfea97dfa07ac66cd94387

          SHA512

          3653a3439fb4d9e2141115c7d711771ec28882e2e224758d020b8b17c18200ccda7bda3edcb7bccf4b8aeab688e5b539930f8afb74971a9723a154325d5e0ee2

          Download Submit

        • \Program Files\Realplayer\meter\requires.exe
          Filesize

          412KB

          MD5

          fbab42937c76f989e7c0af16f8906936

          SHA1

          940fc1fff39ff60658a1bf9bda6a47d8dc80ff70

          SHA256

          b7cb9c56227bf100e10142ab492aad67226a317a10bfea97dfa07ac66cd94387

          SHA512

          3653a3439fb4d9e2141115c7d711771ec28882e2e224758d020b8b17c18200ccda7bda3edcb7bccf4b8aeab688e5b539930f8afb74971a9723a154325d5e0ee2

          Download Submit

        • \Program Files\Realplayer\meter\requires.exe
          Filesize

          412KB

          MD5

          fbab42937c76f989e7c0af16f8906936

          SHA1

          940fc1fff39ff60658a1bf9bda6a47d8dc80ff70

          SHA256

          b7cb9c56227bf100e10142ab492aad67226a317a10bfea97dfa07ac66cd94387

          SHA512

          3653a3439fb4d9e2141115c7d711771ec28882e2e224758d020b8b17c18200ccda7bda3edcb7bccf4b8aeab688e5b539930f8afb74971a9723a154325d5e0ee2

          Download Submit

        • memory/1672-54-0x0000000075111000-0x0000000075113000-memory.dmp

          Filesize

          8KB

          Download