74a46778b91f8195c209f970dadfea0c1b0daafadb6c9a001345056d26d4f108

Analysis

max time kernel
92s
max time network
138s
platform
windows10-2004_x64
resource
win10v2004-20220901-en
resource tags

arch:x64arch:x86image:win10v2004-20220901-enlocale:en-usos:windows10-2004-x64system
submitted
23-11-2022 21:12

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

74a46778b91f8195c209f970dadfea0c1b0daafadb6c9a001345056d26d4f108.exe
Size

121KB
MD5

901689607e77064070b2b3b3826ab0c6
SHA1

1985a14b31fdd29719497c13fb11915f9cda202e
SHA256

74a46778b91f8195c209f970dadfea0c1b0daafadb6c9a001345056d26d4f108
SHA512

3c4d1088d37ce0d842d2c2999a1a080bc6e14b32a5a2c6401e62314081ade670d74b00d666a293f88a672867e393f4bbaec361c0d794456166df92a32f27384f
SSDEEP

1536:+nLh2c9E5j4ZRJja8eK6U9Mxbd2vim2xwcy+vynzI33zt:+nLh2iUcZ3nMxbAvywcy/nzI33zt

Score

1^/10

Malware Config

Signatures

Modifies registry class 14 IoCs

Processes:

74a46778b91f8195c209f970dadfea0c1b0daafadb6c9a001345056d26d4f108.exe

description	ioc	process
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\SoundRec	74a46778b91f8195c209f970dadfea0c1b0daafadb6c9a001345056d26d4f108.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\SoundRec\protocol\StdFileEditing\server	74a46778b91f8195c209f970dadfea0c1b0daafadb6c9a001345056d26d4f108.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\SoundRec\protocol\StdFileEditing	74a46778b91f8195c209f970dadfea0c1b0daafadb6c9a001345056d26d4f108.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\SoundRec\protocol\StdFileEditing\server\ = "sndrec32.exe"	74a46778b91f8195c209f970dadfea0c1b0daafadb6c9a001345056d26d4f108.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\SoundRec\protocol\StdFileEditing\verb\0	74a46778b91f8195c209f970dadfea0c1b0daafadb6c9a001345056d26d4f108.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\SoundRec\protocol	74a46778b91f8195c209f970dadfea0c1b0daafadb6c9a001345056d26d4f108.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\SoundRec\protocol\StdFileEditing\verb\0\ = "&Play"	74a46778b91f8195c209f970dadfea0c1b0daafadb6c9a001345056d26d4f108.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\SoundRec\protocol\StdExecute\server\ = "sndrec32.exe"	74a46778b91f8195c209f970dadfea0c1b0daafadb6c9a001345056d26d4f108.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\SoundRec\ = "Wave Sound"	74a46778b91f8195c209f970dadfea0c1b0daafadb6c9a001345056d26d4f108.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\SoundRec\protocol\StdFileEditing\verb	74a46778b91f8195c209f970dadfea0c1b0daafadb6c9a001345056d26d4f108.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\SoundRec\protocol\StdFileEditing\verb\1	74a46778b91f8195c209f970dadfea0c1b0daafadb6c9a001345056d26d4f108.exe
Set value (str)	\REGISTRY\MACHINE\SOFTWARE\Classes\SoundRec\protocol\StdFileEditing\verb\1\ = "&Edit"	74a46778b91f8195c209f970dadfea0c1b0daafadb6c9a001345056d26d4f108.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\SoundRec\protocol\StdExecute\server	74a46778b91f8195c209f970dadfea0c1b0daafadb6c9a001345056d26d4f108.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\SoundRec\protocol\StdExecute	74a46778b91f8195c209f970dadfea0c1b0daafadb6c9a001345056d26d4f108.exe

Suspicious use of SetWindowsHookEx 1 IoCs

Processes:

74a46778b91f8195c209f970dadfea0c1b0daafadb6c9a001345056d26d4f108.exe

pid process

5064 74a46778b91f8195c209f970dadfea0c1b0daafadb6c9a001345056d26d4f108.exe

pid	process
5064	74a46778b91f8195c209f970dadfea0c1b0daafadb6c9a001345056d26d4f108.exe

C:\Users\Admin\AppData\Local\Temp\74a46778b91f8195c209f970dadfea0c1b0daafadb6c9a001345056d26d4f108.exe
"C:\Users\Admin\AppData\Local\Temp\74a46778b91f8195c209f970dadfea0c1b0daafadb6c9a001345056d26d4f108.exe"
1⤵
- Modifies registry class
- Suspicious use of SetWindowsHookEx
PID:5064

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads