Overview

overview

9

Static

static

5b6b1f8568...ec.exe

windows7-x64

9

5b6b1f8568...ec.exe

windows10-2004-x64

9

Analysis

  • max time kernel
    141s
  • max time network
    151s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220812-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system
  • submitted
    06-11-2022 11:59

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    5b6b1f8568bc77b8084fd69c54f8aad8b29634a31bab5266c7cd469b1a1ed2ec.exe

  • Size

    291KB

  • MD5

    0d1c3e78236aa14d875b85f2d8c6c23d

  • SHA1

    e95f8af5a2ec4a6eeaa12709464a051aba442792

  • SHA256

    5b6b1f8568bc77b8084fd69c54f8aad8b29634a31bab5266c7cd469b1a1ed2ec

  • SHA512

    eb193951ee7f5e67fb444f4b4327710ccfab504530ffb963375c10c632a6d8430eb01bac89c92a5df44bb5638926bbbc1a8fa208137737863bf6badde30e08f4

  • SSDEEP

    6144:m7PQDicDqpUSodXw/gQXtUJlhesFuEIOd:CPQGWRw/gQXtU3F4FW

Score
9/10

Malware Config

Signatures

  • ACProtect 1.3x - 1.4x DLL software 2 IoCs

    Detects file using ACProtect software.

  • Loads dropped DLL 2 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\5b6b1f8568bc77b8084fd69c54f8aad8b29634a31bab5266c7cd469b1a1ed2ec.exe
    "C:\Users\Admin\AppData\Local\Temp\5b6b1f8568bc77b8084fd69c54f8aad8b29634a31bab5266c7cd469b1a1ed2ec.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of SetWindowsHookEx
    PID:4808

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\wli75E0.tmp
    Filesize

    172KB

    MD5

    685f1cbd4af30a1d0c25f252d399a666

    SHA1

    6a1b978f5e6150b88c8634146f1406ed97d2f134

    SHA256

    0e478c95a7a07570a69e6061e7c1da9001bccad9cc454f2ed4da58824a13e0f4

    SHA512

    6555ad6b4f4f26105ca8aad64501d74519a3e091f559b4b563d6ffb20a2ddfcde65e4fe94971a9bc65e86db577f2548ca00f9920d341c8ea808b04c0947d61d9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\wli75E0.tmp
    Filesize

    172KB

    MD5

    685f1cbd4af30a1d0c25f252d399a666

    SHA1

    6a1b978f5e6150b88c8634146f1406ed97d2f134

    SHA256

    0e478c95a7a07570a69e6061e7c1da9001bccad9cc454f2ed4da58824a13e0f4

    SHA512

    6555ad6b4f4f26105ca8aad64501d74519a3e091f559b4b563d6ffb20a2ddfcde65e4fe94971a9bc65e86db577f2548ca00f9920d341c8ea808b04c0947d61d9

    Download Submit

  • memory/4808-134-0x0000000001000000-0x0000000001022000-memory.dmp

    Filesize

    136KB

    Download

  • memory/4808-135-0x00000000009C0000-0x0000000000A33000-memory.dmp

    Filesize

    460KB

    Download

  • memory/4808-136-0x00000000009C0000-0x0000000000A33000-memory.dmp

    Filesize

    460KB

    Download