Overview

overview

7

Static

static

9ebde56a68...87.exe

windows7-x64

1

9ebde56a68...87.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    126s
  • max time network
    157s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220812-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system
  • submitted
    30/10/2022, 15:34

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    9ebde56a6820161c678b120af481d987b369889dfe9e8e0273334cfda61e7087.exe

  • Size

    204KB

  • MD5

    823423a53a2f4b6747d3acb290609e60

  • SHA1

    e9142da028092d6e3793bb9bce8376ba937eb00a

  • SHA256

    9ebde56a6820161c678b120af481d987b369889dfe9e8e0273334cfda61e7087

  • SHA512

    4263bad4aad59f6621f5c25b3eb73e52d9a37abc2b1f976f94d23e6b1ac7f47ac9b2f9388eacdf22b62fde8f24310ccf9f73adfacc7ec7f434d2b3be8b067dbb

  • SSDEEP

    3072:DRJQjhh8OgNm7O5VXHHNEblYrlGGiZMFjoSZZWBefTuv5:DRehLgNuOPHHNEbqr5HFLYEY5

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 1 IoCs
  • Drops file in System32 directory 2 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\9ebde56a6820161c678b120af481d987b369889dfe9e8e0273334cfda61e7087.exe
    "C:\Users\Admin\AppData\Local\Temp\9ebde56a6820161c678b120af481d987b369889dfe9e8e0273334cfda61e7087.exe"
    1⤵
    • Loads dropped DLL
    • Drops file in System32 directory
    • Suspicious use of SetWindowsHookEx
    PID:4772

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Windows\SysWOW64\olemdb32.dll
          Filesize

          23KB

          MD5

          65387b1305f01ede9bce1b664207d5d7

          SHA1

          19d719d16958e6a1c5367b578cb9ff7700e695bf

          SHA256

          148f1d2ce99fb0305e53fd24add20cd19cc420e9c1d1b64abf42b456da94cd23

          SHA512

          cd64957c47979626be9a77b2a2ee2d0b22b72540369a4b6cfe1c1c9f8180b546db0b6e637259dd8f7a09506d738ec57fc34b116e199641c40f55e0d5b40a2a29

          Download Submit

        • memory/4772-133-0x0000000000400000-0x0000000000451000-memory.dmp

          Filesize

          324KB

          Download

        • memory/4772-134-0x0000000010000000-0x000000001000F000-memory.dmp

          Filesize

          60KB

          Download