Analysis
-
max time kernel
160s -
max time network
207s -
platform
windows10-2004_x64 -
resource
win10v2004-20220812-en -
resource tags
arch:x64 arch:x86 image:win10v2004-20220812-en locale:en-us os:windows10-2004-x64 system -
submitted
21-10-2022 04:03
Static task
static1
Behavioral task
behavioral1
Sample
015a5c5e8f63e17386c90f6ff536bfd6f66ce5c05c1b8c449d4887d74140fb62.exe
Resource
win7-20220901-en
Behavioral task
behavioral2
Sample
015a5c5e8f63e17386c90f6ff536bfd6f66ce5c05c1b8c449d4887d74140fb62.exe
Resource
win10v2004-20220812-en
General
-
Target
015a5c5e8f63e17386c90f6ff536bfd6f66ce5c05c1b8c449d4887d74140fb62.exe
-
Size
3.1MB
-
MD5
5c2393cb61a7176b60d3c21f0ede8df4
-
SHA1
e362a1b764ed72896dafc8b5e51e1afd294b10d6
-
SHA256
015a5c5e8f63e17386c90f6ff536bfd6f66ce5c05c1b8c449d4887d74140fb62
-
SHA512
3c7907367afc5ca140935d6f140d8e8ce8ab71008c9972d7644d89515a5dcd133da54552ad83d3a16908c2029fd69bfc32a8a485425b09ece74266acdc44d011
-
SSDEEP
49152:zirz0+VsbK8eMXrpDQvs7kM1UG24PHLfSHJIBL2rPhPJMbsdUUNEu4q8mdjZ/f:zUz0+VSKsbpcL34PHLK2L2LhPYqas
Malware Config
Signatures
-
Executes dropped EXE 1 IoCs
pid: 2736 | Process: Project1.exe
-
Suspicious use of SetWindowsHookEx 1 IoCs
pid: 2736 | Process: Project1.exe
-
Suspicious use of WriteProcessMemory 3 IoCs
description | pid | Process | procid_target
PID 2068 wrote to memory of 2736 | 2068 | 015a5c5e8f63e17386c90f6ff536bfd6f66ce5c05c1b8c449d4887d74140fb62.exe | 83
PID 2068 wrote to memory of 2736 | 2068 | 015a5c5e8f63e17386c90f6ff536bfd6f66ce5c05c1b8c449d4887d74140fb62.exe | 83
PID 2068 wrote to memory of 2736 | 2068 | 015a5c5e8f63e17386c90f6ff536bfd6f66ce5c05c1b8c449d4887d74140fb62.exe | 83
Processes
-
C:\Users\Admin\AppData\Local\Temp\015a5c5e8f63e17386c90f6ff536bfd6f66ce5c05c1b8c449d4887d74140fb62.exe
"C:\Users\Admin\AppData\Local\Temp\015a5c5e8f63e17386c90f6ff536bfd6f66ce5c05c1b8c449d4887d74140fb62.exe" 1⤵
- Suspicious use of WriteProcessMemory
PID:2068 -
C:\Users\Admin\AppData\Local\Temp\WZSE0.TMP\Project1.exe
Project1.exe 2⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
PID:2736
-
Network
MITRE ATT&CK Matrix
Downloads
-
Filesize
244KB
MD5
1a864e378323e8d437df70a2e08ecb4a
SHA1
e29b42442aed9ba5d8d9317b705ae285cd4cab8c
SHA256
3eb9a8a2388878e26be6f20cc53b7de7a82ef1ff801b73e7c631a94f4455b8ec
SHA512
cab52bd10f6b6581f19d542b82dbf889f1cbeb0762836035b18337ed6cc1393ca1f7e1187cabe26610211705c7bdf2839a7fe7aa27578c3580e3bd1799890eb3