Overview

overview

8

Static

static

8

0af4636acd...36.exe

windows7-x64

7

0af4636acd...36.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    200s
  • max time network
    209s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20221111-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20221111-enlocale:en-usos:windows10-2004-x64system
  • submitted
    23-11-2022 19:56

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    0af4636acd9ede22dc4dd5b5be93c535c219b30cd5b26c7dd1f47e99d57ffe36.exe

  • Size

    926KB

  • MD5

    00c74073a248e7da842cb6c14a62cb7a

  • SHA1

    c45b0cc3cc73ad19ffa3f27e8bd496f5e6477538

  • SHA256

    0af4636acd9ede22dc4dd5b5be93c535c219b30cd5b26c7dd1f47e99d57ffe36

  • SHA512

    3c7b43c86b3af51620c6d8e6d48d49949e4e7e38b5f9d85c4621f78ae9137a8d6d6e464d7323a15ca35bfbe6f2619035a0cc67e4007f2e17522d835d518dad2b

  • SSDEEP

    24576:6j66Ea0iT/NZswKEaeWiA16koibJ+cjpcS9infis:u66DJT/NawfaitKcS9gt

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 5 IoCs
  • Suspicious use of SetWindowsHookEx 34 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\0af4636acd9ede22dc4dd5b5be93c535c219b30cd5b26c7dd1f47e99d57ffe36.exe
    "C:\Users\Admin\AppData\Local\Temp\0af4636acd9ede22dc4dd5b5be93c535c219b30cd5b26c7dd1f47e99d57ffe36.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of SetWindowsHookEx
    PID:4644

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\E_4\iext.fnr
    Filesize

    200KB

    MD5

    443a9a58c576e51a8a36c6017d9292cf

    SHA1

    d75c4080b4813efe6d947f5412b6a15bb56e483d

    SHA256

    23a478a637d5f50c7bcea4a2ef8bcfc8cb1150e97ad5c73cf9c371a564f89e2e

    SHA512

    df2a9ca61cf88f0b8ff4592a687e3574fdb5f8105f968234063a58aa219e87334ab2d95fc1819159d78b72133e4c8abb6a222825e66183c93f60f5a71901465f

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\E_4\iext.fnr
    Filesize

    200KB

    MD5

    443a9a58c576e51a8a36c6017d9292cf

    SHA1

    d75c4080b4813efe6d947f5412b6a15bb56e483d

    SHA256

    23a478a637d5f50c7bcea4a2ef8bcfc8cb1150e97ad5c73cf9c371a564f89e2e

    SHA512

    df2a9ca61cf88f0b8ff4592a687e3574fdb5f8105f968234063a58aa219e87334ab2d95fc1819159d78b72133e4c8abb6a222825e66183c93f60f5a71901465f

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\E_4\iext5.fne
    Filesize

    308KB

    MD5

    a20443d1bb319faa29364c3be941438d

    SHA1

    0f96c05f80ee7a3b0be5c032c4796e7a77a3053f

    SHA256

    54cf9c312dba741fb08871c628a97b740a069663cf8d3fd8b54014a7bca7ee74

    SHA512

    08c9ceba2dc913d307a9392d3fc7a282af3300366ea53ddb0f6e20ac4817861db0bc67f9513915b14f26caf8aba2a6bd4e9f8110ab4bc60f93bc65cd255ef9ed

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\E_4\iext5.fne
    Filesize

    308KB

    MD5

    a20443d1bb319faa29364c3be941438d

    SHA1

    0f96c05f80ee7a3b0be5c032c4796e7a77a3053f

    SHA256

    54cf9c312dba741fb08871c628a97b740a069663cf8d3fd8b54014a7bca7ee74

    SHA512

    08c9ceba2dc913d307a9392d3fc7a282af3300366ea53ddb0f6e20ac4817861db0bc67f9513915b14f26caf8aba2a6bd4e9f8110ab4bc60f93bc65cd255ef9ed

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\E_4\krnln.fnr
    Filesize

    1.0MB

    MD5

    1385897a6fa1d9505b868b9984249123

    SHA1

    aa4b7de516ccb373ae52b223a62308ddcdab8768

    SHA256

    e51ec097f0ea9c1e67aece0942081b8fdc02908a76d29fd6fed5b1f387ca1796

    SHA512

    fcd3cdf9b81ccc9a755f9920e576af51660f1a41455efc86e3a328644f79d47c5aa6d2a4d28f39bb790db9e7b58d7f1a37481acbf3586b21c4c5ab2f5bc45690

    Download Submit

  • memory/4644-132-0x0000000000400000-0x0000000000463000-memory.dmp

    Filesize

    396KB

    Download

  • memory/4644-136-0x0000000002490000-0x00000000024EC000-memory.dmp

    Filesize

    368KB

    Download

  • memory/4644-140-0x0000000002500000-0x0000000002540000-memory.dmp

    Filesize

    256KB

    Download

  • memory/4644-142-0x0000000000400000-0x0000000000463000-memory.dmp

    Filesize

    396KB

    Download