Analysis

  • max time kernel
    203s
  • max time network
    221s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20221111-en
  • resource tags

    arch:x64 arch:x86 image:win10v2004-20221111-en locale:en-us os:windows10-2004-x64 system
  • submitted
    23-11-2022 14:46

General

  • Target

    23ebc3da11e43c27c8eebd51be387598992542290659126545d5c97f5648ad54.exe

  • Size

    406KB

  • MD5

    94858ba298fe37634f3a5a57842bb645

  • SHA1

    09892d3765c20471d020fecd38b767a1bd74c990

  • SHA256

    23ebc3da11e43c27c8eebd51be387598992542290659126545d5c97f5648ad54

  • SHA512

    e73cde1c291d3a3765c89308566773fd7e1c07e91649d5c8dc792739719312f0f5866b7c7c053758000c80e64dbaa177d36b64359925b89aaf5c48140a499510

  • SSDEEP

    12288:YA+DZyh9BWejBVhsLmW9etFmMK/Pq2hKV:uZcWeN5WU0/Pq7V

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer start page 1 TTPs 1 IoCs
  • Suspicious use of SetWindowsHookEx 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\23ebc3da11e43c27c8eebd51be387598992542290659126545d5c97f5648ad54.exe
    "C:\Users\Admin\AppData\Local\Temp\23ebc3da11e43c27c8eebd51be387598992542290659126545d5c97f5648ad54.exe"
    1⤵
    • Modifies Internet Explorer start page
    • Suspicious use of SetWindowsHookEx
    PID:4868

Network

MITRE ATT&CK Matrix ATT&CK v6

Defense Evasion

Modify Registry

1
T1112

Downloads

  • memory/4868-133-0x0000000000400000-0x00000000004F4000-memory.dmp
    Filesize

    976KB

  • memory/4868-134-0x0000000000400000-0x00000000004F4000-memory.dmp
    Filesize

    976KB