0ae7ba5fd96d16addfa703a0e5f8b5c32247b752610f4ff918e1936a8864e1a2

Analysis

max time kernel
175s
max time network
256s
platform
windows7_x64
resource
win7-20221111-en
resource tags

arch:x64arch:x86image:win7-20221111-enlocale:en-usos:windows7-x64system
submitted
23-11-2022 18:37

Target

0ae7ba5fd96d16addfa703a0e5f8b5c32247b752610f4ff918e1936a8864e1a2.exe
Size

4.7MB
MD5

2a3b7639f8b3799b93512a1d735e987d
SHA1

607fb3256ade0cd525ccb4c61ab3fc367211ba22
SHA256

0ae7ba5fd96d16addfa703a0e5f8b5c32247b752610f4ff918e1936a8864e1a2
SHA512

8c14ee9d3cfa7bb1a30d797e754736817354cf7e00fca4325f5a3f1db4acfd186f1607a46710c825efb714eb1dea7cbae214844e12059e74b3466a5bbd553746
SSDEEP

98304:QNVVQIwxwvZzGlry8hvm0kAsmOL3EQlobkEa17rse:QNVVWwvZzGlryIm0kATOL0Moby7B

Score

1^/10

Modifies Internet Explorer settings 1 TTPs 1 IoCs

Modify Registry

Processes:

0ae7ba5fd96d16addfa703a0e5f8b5c32247b752610f4ff918e1936a8864e1a2.exe

description	ioc	process
Key created	\REGISTRY\USER\S-1-5-21-1214520366-621468234-4062160515-1000\Software\Microsoft\Internet Explorer\Main	0ae7ba5fd96d16addfa703a0e5f8b5c32247b752610f4ff918e1936a8864e1a2.exe

Suspicious use of SetWindowsHookEx 5 IoCs

Processes:

0ae7ba5fd96d16addfa703a0e5f8b5c32247b752610f4ff918e1936a8864e1a2.exe

pid	process
468	0ae7ba5fd96d16addfa703a0e5f8b5c32247b752610f4ff918e1936a8864e1a2.exe
468	0ae7ba5fd96d16addfa703a0e5f8b5c32247b752610f4ff918e1936a8864e1a2.exe
468	0ae7ba5fd96d16addfa703a0e5f8b5c32247b752610f4ff918e1936a8864e1a2.exe
468	0ae7ba5fd96d16addfa703a0e5f8b5c32247b752610f4ff918e1936a8864e1a2.exe
468	0ae7ba5fd96d16addfa703a0e5f8b5c32247b752610f4ff918e1936a8864e1a2.exe

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

memory/468-54-0x0000000074ED1000-0x0000000074ED3000-memory.dmp

Filesize
8KB

Download