Overview

overview

5

Static

static

50f236fa88...66.exe

windows7-x64

5

50f236fa88...66.exe

windows10-2004-x64

5

Analysis

  • max time kernel
    166s
  • max time network
    195s
  • platform
    windows7_x64
  • resource
    win7-20221111-en
  • resource tags

    arch:x64arch:x86image:win7-20221111-enlocale:en-usos:windows7-x64system
  • submitted
    22/11/2022, 12:54

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    50f236fa88260c558ce1a7fc8ea0db24b17c2d402b324a9a2d6e669a3b08f666.exe

  • Size

    1.3MB

  • MD5

    6f75cdb7306280870b96faa9e3c44572

  • SHA1

    67ee063f0a9ae002f0a4e5c41dfae295642b2e9f

  • SHA256

    50f236fa88260c558ce1a7fc8ea0db24b17c2d402b324a9a2d6e669a3b08f666

  • SHA512

    da003ba7d709c42ea205e5cd6ae30441dbe475d7629d36cd67be5aff78b7fc9c46fa1ad5d996a24065857e0b310435974f14b7b09f20505f4a39fa9327bd0463

  • SSDEEP

    24576:TrKqlGCPcJKwybUDwEZZODYmR9G+gnbkk6XRJfe3DqYO/KpLwFfngWX4VmJPakq:TrKo4ZwCOnYjVmJPaZ

Score
5/10

Malware Config

Signatures

  • Suspicious use of SetThreadContext 1 IoCs
  • Modifies Internet Explorer settings 1 TTPs 1 IoCs
    adwarespyware
  • Suspicious use of SetWindowsHookEx 5 IoCs
  • Suspicious use of WriteProcessMemory 11 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\50f236fa88260c558ce1a7fc8ea0db24b17c2d402b324a9a2d6e669a3b08f666.exe
    "C:\Users\Admin\AppData\Local\Temp\50f236fa88260c558ce1a7fc8ea0db24b17c2d402b324a9a2d6e669a3b08f666.exe"
    1⤵
    • Suspicious use of SetThreadContext
    • Suspicious use of WriteProcessMemory
    PID:1772
    • C:\Users\Admin\AppData\Local\Temp\50f236fa88260c558ce1a7fc8ea0db24b17c2d402b324a9a2d6e669a3b08f666.exe
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:964

Network

        MITRE ATT&CK Enterprise v6

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • memory/964-54-0x0000000000400000-0x00000000004D9000-memory.dmp

          Filesize

          868KB

          Download

        • memory/964-55-0x0000000000400000-0x00000000004D9000-memory.dmp

          Filesize

          868KB

          Download

        • memory/964-57-0x0000000000400000-0x00000000004D9000-memory.dmp

          Filesize

          868KB

          Download

        • memory/964-59-0x0000000000400000-0x00000000004D9000-memory.dmp

          Filesize

          868KB

          Download

        • memory/964-61-0x0000000000400000-0x00000000004D9000-memory.dmp

          Filesize

          868KB

          Download

        • memory/964-63-0x0000000000400000-0x00000000004D9000-memory.dmp

          Filesize

          868KB

          Download

        • memory/964-65-0x0000000000400000-0x00000000004D9000-memory.dmp

          Filesize

          868KB

          Download

        • memory/964-68-0x0000000075D51000-0x0000000075D53000-memory.dmp

          Filesize

          8KB

          Download

        • memory/964-69-0x0000000000400000-0x00000000004D9000-memory.dmp

          Filesize

          868KB

          Download

        • memory/964-70-0x0000000000400000-0x00000000004D9000-memory.dmp

          Filesize

          868KB

          Download

        • memory/964-72-0x0000000000400000-0x00000000004D9000-memory.dmp

          Filesize

          868KB

          Download

        • memory/964-73-0x0000000000400000-0x00000000004D9000-memory.dmp

          Filesize

          868KB

          Download