Overview

overview

5

Static

static

77d0a2354a...60.exe

windows7-x64

5

77d0a2354a...60.exe

windows10-2004-x64

5

Analysis

  • max time kernel
    209s
  • max time network
    282s
  • platform
    windows7_x64
  • resource
    win7-20221111-en
  • resource tags

    arch:x64arch:x86image:win7-20221111-enlocale:en-usos:windows7-x64system
  • submitted
    23-11-2022 12:07

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    77d0a2354a0b6e25c1535de5e02f463753fb17623704a6fdfeb73f9528625160.exe

  • Size

    1.3MB

  • MD5

    957f510b5ef6d8bf849ed3864f71c4fa

  • SHA1

    31c4b8b5f97bd05cc8f015a22fbfed8f65634a8a

  • SHA256

    77d0a2354a0b6e25c1535de5e02f463753fb17623704a6fdfeb73f9528625160

  • SHA512

    1f4519362aa72c69543e0ad2fe9a145d00084c7951b43ea2ab0631483f99be0d0463f3d8c207eddaad85682b702df1fc6e615fd215a688d6d828e0caf6b1fd88

  • SSDEEP

    24576:zrKqlGCPcJKwybUDwEZZODYmR9G+gnbkk6XRJfe3DqYO/KpLwFfngWX4VmJPakH:zrKo4ZwCOnYjVmJPa0

Score
5/10

Malware Config

Signatures

  • Suspicious use of SetThreadContext 1 IoCs
  • Modifies Internet Explorer settings 1 TTPs 1 IoCs
    adwarespyware
  • Suspicious use of SetWindowsHookEx 5 IoCs
  • Suspicious use of WriteProcessMemory 11 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\77d0a2354a0b6e25c1535de5e02f463753fb17623704a6fdfeb73f9528625160.exe
    "C:\Users\Admin\AppData\Local\Temp\77d0a2354a0b6e25c1535de5e02f463753fb17623704a6fdfeb73f9528625160.exe"
    1⤵
    • Suspicious use of SetThreadContext
    • Suspicious use of WriteProcessMemory
    PID:1180
    • C:\Users\Admin\AppData\Local\Temp\77d0a2354a0b6e25c1535de5e02f463753fb17623704a6fdfeb73f9528625160.exe
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1476

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/1476-54-0x0000000000400000-0x00000000004D9000-memory.dmp

    Filesize

    868KB

    Download

  • memory/1476-55-0x0000000000400000-0x00000000004D9000-memory.dmp

    Filesize

    868KB

    Download

  • memory/1476-57-0x0000000000400000-0x00000000004D9000-memory.dmp

    Filesize

    868KB

    Download

  • memory/1476-59-0x0000000000400000-0x00000000004D9000-memory.dmp

    Filesize

    868KB

    Download

  • memory/1476-61-0x0000000000400000-0x00000000004D9000-memory.dmp

    Filesize

    868KB

    Download

  • memory/1476-63-0x0000000000400000-0x00000000004D9000-memory.dmp

    Filesize

    868KB

    Download

  • memory/1476-65-0x0000000000400000-0x00000000004D9000-memory.dmp

    Filesize

    868KB

    Download

  • memory/1476-66-0x000000000044E057-mapping.dmp

    Download

  • memory/1476-68-0x0000000075491000-0x0000000075493000-memory.dmp

    Filesize

    8KB

    Download

  • memory/1476-69-0x0000000000400000-0x00000000004D9000-memory.dmp

    Filesize

    868KB

    Download

  • memory/1476-70-0x0000000000400000-0x00000000004D9000-memory.dmp

    Filesize

    868KB

    Download

  • memory/1476-71-0x0000000000400000-0x00000000004D9000-memory.dmp

    Filesize

    868KB

    Download

  • memory/1476-73-0x0000000000400000-0x00000000004D9000-memory.dmp

    Filesize

    868KB

    Download