Overview

overview

7

Static

static

3b978faca0...5b.exe

windows7-x64

7

3b978faca0...5b.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    153s
  • max time network
    164s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220812-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system
  • submitted
    30/10/2022, 16:48

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    3b978faca0e995dbdc6b542e238300ed2ed80bd5ba21c6b5aa744ac12575c05b.exe

  • Size

    557KB

  • MD5

    82bdab0041394fa93f4b84331f513ce0

  • SHA1

    588e7512196387eafe1fcbe40c4b00bde4b576fb

  • SHA256

    3b978faca0e995dbdc6b542e238300ed2ed80bd5ba21c6b5aa744ac12575c05b

  • SHA512

    158caa2ec15d7dff60232abbe8b251d545fde81237a807a31e9a6590c5b0d87fb14f1fee498fff25297107d5cc5b6c8c63bdc3c1114f06ef4a574db92a09ac5e

  • SSDEEP

    6144:+N73TeVbl0ZnF0y6oSOtrHX6H5wITUXj/MBZEcmUbPl6d1i2QqQwv4LhYM:2SP0ZnFhtSO05ZQj/MzEcKn9Q7wv0d

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 2 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs
  • Suspicious use of SetWindowsHookEx 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\3b978faca0e995dbdc6b542e238300ed2ed80bd5ba21c6b5aa744ac12575c05b.exe
    "C:\Users\Admin\AppData\Local\Temp\3b978faca0e995dbdc6b542e238300ed2ed80bd5ba21c6b5aa744ac12575c05b.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of SetWindowsHookEx
    PID:4852

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\dfs4E8D.tmp
    Filesize

    306KB

    MD5

    3ca0638e7119f63f2b6fc7426b3b0f8f

    SHA1

    fa699c3cb5ec74cfc8ebdade3a8a3dc014c29582

    SHA256

    82fcb7e72f5bee64eecbf9c1e553d65374951ffccaaa07d5848d624d732d40cf

    SHA512

    0769d88beb6fafe83bcc9176fc7892b8ba9c4a02be37129a57dc6513472b245179afea1abad161179414ef625890e1e8f6ac76d1d907887fe73f0ddb140e61e8

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\dfs4E8D.tmp
    Filesize

    306KB

    MD5

    3ca0638e7119f63f2b6fc7426b3b0f8f

    SHA1

    fa699c3cb5ec74cfc8ebdade3a8a3dc014c29582

    SHA256

    82fcb7e72f5bee64eecbf9c1e553d65374951ffccaaa07d5848d624d732d40cf

    SHA512

    0769d88beb6fafe83bcc9176fc7892b8ba9c4a02be37129a57dc6513472b245179afea1abad161179414ef625890e1e8f6ac76d1d907887fe73f0ddb140e61e8

    Download Submit

  • memory/4852-134-0x0000000005090000-0x00000000050E2000-memory.dmp

    Filesize

    328KB

    Download

  • memory/4852-135-0x00000000059F0000-0x0000000005F94000-memory.dmp

    Filesize

    5.6MB

    Download

  • memory/4852-136-0x0000000005350000-0x00000000053E2000-memory.dmp

    Filesize

    584KB

    Download

  • memory/4852-137-0x0000000005330000-0x000000000533A000-memory.dmp

    Filesize

    40KB

    Download

  • memory/4852-138-0x00000000093E0000-0x0000000009446000-memory.dmp

    Filesize

    408KB

    Download

  • memory/4852-139-0x000000000E670000-0x000000000EE16000-memory.dmp

    Filesize

    7.6MB

    Download