Overview

overview

8

Static

static

690f03ec81...68.exe

windows7-x64

8

690f03ec81...68.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    167s
  • max time network
    184s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20221111-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20221111-enlocale:en-usos:windows10-2004-x64system
  • submitted
    23-11-2022 23:46

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    690f03ec8118408ac4350166707e2594883234c49a5578290246434689e81a68.exe

  • Size

    116KB

  • MD5

    348bdb80e2c643173598e29845e95f63

  • SHA1

    88eddf2bb54dd42288dad16b7ace2e6d8cb87888

  • SHA256

    690f03ec8118408ac4350166707e2594883234c49a5578290246434689e81a68

  • SHA512

    99e6d09bad5ad0822bad3b84c27a2f8b4f822bb3ad6f347ddb54385efa304f696598511f16cb518314e1b1ac0bedae6e3a960e353a02aae1d2b7749f3c87c950

  • SSDEEP

    1536:aowahuA0ipMAgciDeT2mFnToIf62MNFyxTt6NWXj3CTAt:aowahJ0y5iDeT2mtTBf6NNFyxT+2+st

Score
8/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Drops file in Program Files directory 3 IoCs
  • Suspicious use of SetWindowsHookEx 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\690f03ec8118408ac4350166707e2594883234c49a5578290246434689e81a68.exe
    "C:\Users\Admin\AppData\Local\Temp\690f03ec8118408ac4350166707e2594883234c49a5578290246434689e81a68.exe"
    1⤵
    • Drops file in Program Files directory
    • Suspicious use of SetWindowsHookEx
    PID:3044
  • C:\Program Files\Microsoft Explorer\svmssc.exe
    "C:\Program Files\Microsoft Explorer\svmssc.exe"
    1⤵
    • Executes dropped EXE
    • Suspicious use of SetWindowsHookEx
    PID:2376

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Program Files\Microsoft Explorer\svmssc.exe
    Filesize

    12.5MB

    MD5

    9e1f7e12a16a846196f93a594f4315a0

    SHA1

    e57310ee074c423e68b624e9b9fc9c9edd3c61bc

    SHA256

    1b524a1312bd813c237e1836a428e8bb3521d96ce586ed7e79152b9d11c9675b

    SHA512

    7918ea065ab2b2731163806a77dcdd7281afd02a2a7c49c2ff83538568dfb28f826dbc5e371ef6e169bbb76c7d3ee7ee43bc4700a26aa03c52640e4533a3767b

    Download Submit

  • C:\Program Files\Microsoft Explorer\svmssc.exe
    Filesize

    12.5MB

    MD5

    9e1f7e12a16a846196f93a594f4315a0

    SHA1

    e57310ee074c423e68b624e9b9fc9c9edd3c61bc

    SHA256

    1b524a1312bd813c237e1836a428e8bb3521d96ce586ed7e79152b9d11c9675b

    SHA512

    7918ea065ab2b2731163806a77dcdd7281afd02a2a7c49c2ff83538568dfb28f826dbc5e371ef6e169bbb76c7d3ee7ee43bc4700a26aa03c52640e4533a3767b

    Download Submit

  • C:\SystemTemp
    Filesize

    102B

    MD5

    edaa2e2caf1c957f089ade8f5fa6658a

    SHA1

    a7a7ab96dd030b945215ecb443cfe0a7f86f8942

    SHA256

    6e11ecd4dbea84a184c90f0c14a8552a47fd9b73a925d32822fd3720a6adf434

    SHA512

    5ab0a4033e37b1a799c068204abc808344af0c96bc5a67405f3aede027bb54c738412a1e169277bfab7a11dddda748dfb9ca4c744cbabf7ed1c767e1f27de125

    Download Submit