Analysis

  • max time kernel
    160s
  • max time network
    207s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220812-en
  • resource tags

    arch:x64 arch:x86 image:win10v2004-20220812-en locale:en-us os:windows10-2004-x64 system
  • submitted
    21-10-2022 04:03

General

  • Target

    015a5c5e8f63e17386c90f6ff536bfd6f66ce5c05c1b8c449d4887d74140fb62.exe

  • Size

    3.1MB

  • MD5

    5c2393cb61a7176b60d3c21f0ede8df4

  • SHA1

    e362a1b764ed72896dafc8b5e51e1afd294b10d6

  • SHA256

    015a5c5e8f63e17386c90f6ff536bfd6f66ce5c05c1b8c449d4887d74140fb62

  • SHA512

    3c7907367afc5ca140935d6f140d8e8ce8ab71008c9972d7644d89515a5dcd133da54552ad83d3a16908c2029fd69bfc32a8a485425b09ece74266acdc44d011

  • SSDEEP

    49152:zirz0+VsbK8eMXrpDQvs7kM1UG24PHLfSHJIBL2rPhPJMbsdUUNEu4q8mdjZ/f:zUz0+VSKsbpcL34PHLK2L2LhPYqas

Score
8/10

Malware Config

Signatures

  • Executes dropped EXE (1 IoC)
  • Suspicious use of SetWindowsHookEx (1 IoC)
  • Suspicious use of WriteProcessMemory (3 IoCs)

Processes

  • C:\Users\Admin\AppData\Local\Temp\015a5c5e8f63e17386c90f6ff536bfd6f66ce5c05c1b8c449d4887d74140fb62.exe
    "C:\Users\Admin\AppData\Local\Temp\015a5c5e8f63e17386c90f6ff536bfd6f66ce5c05c1b8c449d4887d74140fb62.exe"
    • Suspicious use of WriteProcessMemory
    PID:2068
    • C:\Users\Admin\AppData\Local\Temp\WZSE0.TMP\Project1.exe
      Project1.exe
      • Executes dropped EXE
      • Suspicious use of SetWindowsHookEx
      PID:2736

Network

MITRE ATT&CK Matrix


Downloads

  • C:\Users\Admin\AppData\Local\Temp\WZSE0.TMP\Project1.exe

    Filesize

    244KB

    MD5

    1a864e378323e8d437df70a2e08ecb4a

    SHA1

    e29b42442aed9ba5d8d9317b705ae285cd4cab8c

    SHA256

    3eb9a8a2388878e26be6f20cc53b7de7a82ef1ff801b73e7c631a94f4455b8ec

    SHA512

    cab52bd10f6b6581f19d542b82dbf889f1cbeb0762836035b18337ed6cc1393ca1f7e1187cabe26610211705c7bdf2839a7fe7aa27578c3580e3bd1799890eb3
