8db97dbf0e1a36c4d8d8a5cd331aac965b1c9bd2b08dc49329c05aa1c1e4311f

Analysis

max time kernel
28s
max time network
31s
platform
windows7_x64
resource
win7-20221111-en
resource tags

arch:x64arch:x86image:win7-20221111-enlocale:en-usos:windows7-x64system
submitted
24-11-2022 08:01

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

8db97dbf0e1a36c4d8d8a5cd331aac965b1c9bd2b08dc49329c05aa1c1e4311f.exe
Size

8.7MB
MD5

a42063493aa7162d8683bb09523a8c51
SHA1

ee73621b81a32517aaeb2a7797655bc37596daa6
SHA256

8db97dbf0e1a36c4d8d8a5cd331aac965b1c9bd2b08dc49329c05aa1c1e4311f
SHA512

fd18c8ef82e4146eb734cea2e0740f326bd5e13417d839b9f2866cf441be8adbfe1c6e28a622397797ab3c5f49389382610a1b09c9b9907665c1cbcd61e5f7ef
SSDEEP

196608:tTXE6wrRoUkfF4+GdSAmld4ugqT1gZAGs7kXs1lGLA4fI:tZaa++GdzmDpgqT1gHXklGLq

Score

1^/10

Malware Config

Signatures

Modifies Internet Explorer settings 1 TTPs 1 IoCs

adware spyware

Modify Registry

T1112

Processes:

8db97dbf0e1a36c4d8d8a5cd331aac965b1c9bd2b08dc49329c05aa1c1e4311f.exe

description	ioc	process
Key created	\REGISTRY\USER\S-1-5-21-3385717845-2518323428-350143044-1000\Software\Microsoft\Internet Explorer\Main	8db97dbf0e1a36c4d8d8a5cd331aac965b1c9bd2b08dc49329c05aa1c1e4311f.exe

Suspicious use of SetWindowsHookEx 2 IoCs

Processes:

8db97dbf0e1a36c4d8d8a5cd331aac965b1c9bd2b08dc49329c05aa1c1e4311f.exe

pid	process
1228	8db97dbf0e1a36c4d8d8a5cd331aac965b1c9bd2b08dc49329c05aa1c1e4311f.exe
1228	8db97dbf0e1a36c4d8d8a5cd331aac965b1c9bd2b08dc49329c05aa1c1e4311f.exe

C:\Users\Admin\AppData\Local\Temp\8db97dbf0e1a36c4d8d8a5cd331aac965b1c9bd2b08dc49329c05aa1c1e4311f.exe
"C:\Users\Admin\AppData\Local\Temp\8db97dbf0e1a36c4d8d8a5cd331aac965b1c9bd2b08dc49329c05aa1c1e4311f.exe"
1⤵
- Modifies Internet Explorer settings
- Suspicious use of SetWindowsHookEx
PID:1228

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1228-54-0x0000000075091000-0x0000000075093000-memory.dmp

Filesize
8KB

Download