Overview

overview

3

Static

static

f17afcb110...08.exe

windows7-x64

3

f17afcb110...08.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    7s
  • max time network
    2s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220812-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system
  • submitted
    28/10/2022, 21:37

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    f17afcb110368b3b06d755c2208f09f7d711069254f36d489c2a3ba530764e08.exe

  • Size

    240KB

  • MD5

    0f40fd6774ec98c4893f102c738d324d

  • SHA1

    8fc378008d19e27173882039b968ea9dc1cd1bbd

  • SHA256

    f17afcb110368b3b06d755c2208f09f7d711069254f36d489c2a3ba530764e08

  • SHA512

    cea303175b3d17e40f18ab76322d725076f11ec48b7986b1274dcbcd670140e1a0d0b5adeb1b482fb480be72e6be75c17b2c9c7c7560b1bb440dcf9b58cade13

  • SSDEEP

    6144:kob5UtO7RQjX7XN1kd9JbSDviiopNDa/N08i1/W:64xNTW

Score
1/10

Malware Config

Signatures

  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\f17afcb110368b3b06d755c2208f09f7d711069254f36d489c2a3ba530764e08.exe
    "C:\Users\Admin\AppData\Local\Temp\f17afcb110368b3b06d755c2208f09f7d711069254f36d489c2a3ba530764e08.exe"
    1⤵
    • Suspicious use of SetWindowsHookEx
    PID:2628
    • C:\Users\Admin\suowoq.exe
      "C:\Users\Admin\suowoq.exe"
      2⤵
        PID:4280

    Network

          MITRE ATT&CK Matrix

          Replay Monitor

          Loading Replay Monitor...

          Downloads

          • C:\Users\Admin\suowoq.exe
            Filesize

            132KB

            MD5

            4ceab1295469d8b295362ad18b565397

            SHA1

            2f5f5276c38333c230cd06b496c20bbb45b95eff

            SHA256

            296fe957f9a0d7021987af3d41f57ee2a28f94a1fed88164b29d6a8ff12ba967

            SHA512

            9ed3516c9f9fe4b2673e29fe48eb6afaa8c3be319aae07adde999d5a9e4fa0c9a56a49014d5658c9f85dba7fc1558442efd9d63602b576941f8b59f20820b032

            Download Submit

          • C:\Users\Admin\suowoq.exe
            Filesize

            170KB

            MD5

            6a0f49c07abc0ea88c172dda73d21a66

            SHA1

            447ff0f5e3c22d86b30af7ac48e1af50fd7f615b

            SHA256

            4487787c6aa0b431b2c3c2d456d758f946afc2cd948cce6d6b78455f61c14123

            SHA512

            6431df1c939e8ce55ea6baeecf5fae7727459bc6b37d5c5812dbb9890650fccad8de18597b32120df23f366aa36a6007cb91da8bd07fc93e382545943d930abc

            Download Submit

          • memory/2628-134-0x0000000000400000-0x000000000043D000-memory.dmp

            Filesize

            244KB

            Download

          • memory/2628-141-0x0000000000400000-0x000000000043D000-memory.dmp

            Filesize

            244KB

            Download

          • memory/4280-140-0x0000000000400000-0x000000000043D000-memory.dmp

            Filesize

            244KB

            Download