fda368584f55b02e32544dfd5aa09c719f438bafb461363f0e22d551cfc01821

Analysis

max time kernel
135s
max time network
33s
platform
windows7_x64
resource
win7-20221111-en
resource tags

arch:x64arch:x86image:win7-20221111-enlocale:en-usos:windows7-x64system
submitted
23-11-2022 09:05

Target

fda368584f55b02e32544dfd5aa09c719f438bafb461363f0e22d551cfc01821.exe
Size

19.6MB
MD5

fce63e9299fdf1dd5b16a25e81389d71
SHA1

3d821d19e6ffbc819a026aea3ef752b2c858921d
SHA256

fda368584f55b02e32544dfd5aa09c719f438bafb461363f0e22d551cfc01821
SHA512

100618577d73788783a9fcfb976eeffaa1ff5ba10ad05083b9e15791f4e42b15bd1c9b4afae88eff85311996fc429018d432efe72f1e5d33ea84a4946c49a54a
SSDEEP

393216:NpMvVQpmIH1JW85hRNOazuscPkMY27eCe2/rfSMd4DqmOE:4vVQpLD5h+WHMZ7e2/LxmOE

Score

1^/10

Modifies Internet Explorer settings 1 TTPs 1 IoCs

Modify Registry

Processes:

fda368584f55b02e32544dfd5aa09c719f438bafb461363f0e22d551cfc01821.exe

description	ioc	process
Key created	\REGISTRY\USER\S-1-5-21-3385717845-2518323428-350143044-1000\Software\Microsoft\Internet Explorer\Main	fda368584f55b02e32544dfd5aa09c719f438bafb461363f0e22d551cfc01821.exe

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

Processes:

fda368584f55b02e32544dfd5aa09c719f438bafb461363f0e22d551cfc01821.exe

pid process

2040 fda368584f55b02e32544dfd5aa09c719f438bafb461363f0e22d551cfc01821.exe

Suspicious use of SetWindowsHookEx 2 IoCs

Processes:

fda368584f55b02e32544dfd5aa09c719f438bafb461363f0e22d551cfc01821.exe

pid	process
2040	fda368584f55b02e32544dfd5aa09c719f438bafb461363f0e22d551cfc01821.exe
2040	fda368584f55b02e32544dfd5aa09c719f438bafb461363f0e22d551cfc01821.exe

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

memory/2040-54-0x0000000075511000-0x0000000075513000-memory.dmp

Filesize
8KB

Download