Overview

overview

9

Static

static

43c3168417...a2.exe

windows7-x64

9

43c3168417...a2.exe

windows10-2004-x64

9

Analysis

  • max time kernel
    91s
  • max time network
    156s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220901-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20220901-enlocale:en-usos:windows10-2004-x64system
  • submitted
    23-11-2022 18:48

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    43c3168417fd6625a6249ac3d9f708ac13c0b9769ccc475047a4e0dff8a53ea2.exe

  • Size

    333KB

  • MD5

    0268edfbbcfeb1c39988d3a5aa585a50

  • SHA1

    a9e357a8f598af8973f2dd70e7cb03c168772bde

  • SHA256

    43c3168417fd6625a6249ac3d9f708ac13c0b9769ccc475047a4e0dff8a53ea2

  • SHA512

    1ea38fc58f1ab69a32184f43693d27f94f18ee6fcc6f37484893bae7384c37640e9589f959e5d14fd12590c20ace61fbb1f2734ff0aeb2c498a0708f4777bfe3

  • SSDEEP

    6144:fsjhG5e3v5mjsFL/ko7mIjCQ+1S/w6le9y3Aq+PznjeKMr0CsFoUXZ2hf:h5eRKa/koSIjC91SySAxjedrAoUXY1

Score
9/10

Malware Config

Signatures

  • ACProtect 1.3x - 1.4x DLL software 2 IoCs

    Detects file using ACProtect software.

  • Loads dropped DLL 2 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\43c3168417fd6625a6249ac3d9f708ac13c0b9769ccc475047a4e0dff8a53ea2.exe
    "C:\Users\Admin\AppData\Local\Temp\43c3168417fd6625a6249ac3d9f708ac13c0b9769ccc475047a4e0dff8a53ea2.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of SetWindowsHookEx
    PID:4928

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\ntiC587.tmp
    Filesize

    172KB

    MD5

    4f407b29d53e9eb54e22d096fce82aa7

    SHA1

    a4ee25b066cac19ff679dd491f5791652bb71185

    SHA256

    cf0ecf30fc95800a34105acb9bcb484bb594a35b3ef26ace8f122af4f9f888dc

    SHA512

    325f7b599455195101e4c0dafd3654906d20ed2c1ce2a5f38784635e16ab545df6ee44a83bed6128239be2dee5be110552c7b246b7f52482ab31552e14b54183

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\ntiC587.tmp
    Filesize

    172KB

    MD5

    4f407b29d53e9eb54e22d096fce82aa7

    SHA1

    a4ee25b066cac19ff679dd491f5791652bb71185

    SHA256

    cf0ecf30fc95800a34105acb9bcb484bb594a35b3ef26ace8f122af4f9f888dc

    SHA512

    325f7b599455195101e4c0dafd3654906d20ed2c1ce2a5f38784635e16ab545df6ee44a83bed6128239be2dee5be110552c7b246b7f52482ab31552e14b54183

    Download Submit

  • memory/4928-134-0x0000000000400000-0x000000000044D000-memory.dmp

    Filesize

    308KB

    Download

  • memory/4928-135-0x0000000002180000-0x00000000021F4000-memory.dmp

    Filesize

    464KB

    Download

  • memory/4928-136-0x0000000000400000-0x000000000044D000-memory.dmp

    Filesize

    308KB

    Download

  • memory/4928-137-0x0000000002180000-0x00000000021F4000-memory.dmp

    Filesize

    464KB

    Download