267a09f433a18b31fc9fc6dc7f600c8b0bc28b8e22ec602384eedf4fa104eae0

Analysis

max time kernel
41s
max time network
93s
platform
windows7_x64
resource
win7-20220812-en
resource tags

arch:x64arch:x86image:win7-20220812-enlocale:en-usos:windows7-x64system
submitted
23-11-2022 14:45

Target

267a09f433a18b31fc9fc6dc7f600c8b0bc28b8e22ec602384eedf4fa104eae0.exe
Size

7.7MB
MD5

573a85f7408850ed3277c5d94c5905ed
SHA1

ebf6d430061ace85403f1ffab9129b1f3107cc35
SHA256

267a09f433a18b31fc9fc6dc7f600c8b0bc28b8e22ec602384eedf4fa104eae0
SHA512

3506c4b6dc279f2603c1d73989afef2d7121448e4461320fb7e36b7a792b68ddea473ae7414861d0fdcf4c09b89963b6543e66871560102145f899513770a534
SSDEEP

196608:uTXE6wnmR9nCeRnd+KEmGueBbz+bXiI7YxVaGXf7pRulNQkLgMca:uZBR7RfEnbC2I7YxVa5lekLxX

Score

1^/10

Modifies Internet Explorer settings 1 TTPs 1 IoCs

Modify Registry

Processes:

267a09f433a18b31fc9fc6dc7f600c8b0bc28b8e22ec602384eedf4fa104eae0.exe

description	ioc	process
Key created	\REGISTRY\USER\S-1-5-21-3845472200-3839195424-595303356-1000\Software\Microsoft\Internet Explorer\Main	267a09f433a18b31fc9fc6dc7f600c8b0bc28b8e22ec602384eedf4fa104eae0.exe

Suspicious use of SetWindowsHookEx 2 IoCs

Processes:

267a09f433a18b31fc9fc6dc7f600c8b0bc28b8e22ec602384eedf4fa104eae0.exe

pid	process
1932	267a09f433a18b31fc9fc6dc7f600c8b0bc28b8e22ec602384eedf4fa104eae0.exe
1932	267a09f433a18b31fc9fc6dc7f600c8b0bc28b8e22ec602384eedf4fa104eae0.exe

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

memory/1932-54-0x0000000076401000-0x0000000076403000-memory.dmp

Filesize
8KB

Download