Overview

overview

9

Static

static

2c1f01e4de...16.exe

windows7-x64

9

2c1f01e4de...16.exe

windows10-2004-x64

9

Analysis

  • max time kernel
    178s
  • max time network
    183s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20221111-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20221111-enlocale:en-usos:windows10-2004-x64system
  • submitted
    25-11-2022 12:55

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2c1f01e4dedbec0ab593eb687ef75e552891482f030ef9610e4f7a4198c75e16.exe

  • Size

    182KB

  • MD5

    708a396a83b25e9c3bf69885737de632

  • SHA1

    3059d9f187e119a5def15f02dd5d4c03cf570f77

  • SHA256

    2c1f01e4dedbec0ab593eb687ef75e552891482f030ef9610e4f7a4198c75e16

  • SHA512

    2c2db8238378720dcab5db8e848c6b689d6cb1f3f6a99cf870339d9372dee7e6f8e838c062e589262ac5c547a7d198dcde5068deaeea696d52e8bda5af6f1612

  • SSDEEP

    3072:TZ7o2xg+fheqGN7LZg0pUsjkrelCqOvqtQbmLtkCKuHm6RHa:d7LYqGZZgAjkCCqOvqtNhkCK0ma6

Score
9/10

Malware Config

Signatures

  • ACProtect 1.3x - 1.4x DLL software 2 IoCs

    Detects file using ACProtect software.

  • Loads dropped DLL 2 IoCs
  • Drops file in Program Files directory 2 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2c1f01e4dedbec0ab593eb687ef75e552891482f030ef9610e4f7a4198c75e16.exe
    "C:\Users\Admin\AppData\Local\Temp\2c1f01e4dedbec0ab593eb687ef75e552891482f030ef9610e4f7a4198c75e16.exe"
    1⤵
    • Loads dropped DLL
    • Drops file in Program Files directory
    • Suspicious use of SetWindowsHookEx
    PID:2676

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\byiF811.tmp
    Filesize

    172KB

    MD5

    685f1cbd4af30a1d0c25f252d399a666

    SHA1

    6a1b978f5e6150b88c8634146f1406ed97d2f134

    SHA256

    0e478c95a7a07570a69e6061e7c1da9001bccad9cc454f2ed4da58824a13e0f4

    SHA512

    6555ad6b4f4f26105ca8aad64501d74519a3e091f559b4b563d6ffb20a2ddfcde65e4fe94971a9bc65e86db577f2548ca00f9920d341c8ea808b04c0947d61d9

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\byiF811.tmp
    Filesize

    172KB

    MD5

    685f1cbd4af30a1d0c25f252d399a666

    SHA1

    6a1b978f5e6150b88c8634146f1406ed97d2f134

    SHA256

    0e478c95a7a07570a69e6061e7c1da9001bccad9cc454f2ed4da58824a13e0f4

    SHA512

    6555ad6b4f4f26105ca8aad64501d74519a3e091f559b4b563d6ffb20a2ddfcde65e4fe94971a9bc65e86db577f2548ca00f9920d341c8ea808b04c0947d61d9

    Download Submit

  • memory/2676-132-0x0000000000400000-0x0000000000406000-memory.dmp

    Filesize

    24KB

    Download

  • memory/2676-135-0x0000000000880000-0x00000000008F3000-memory.dmp

    Filesize

    460KB

    Download

  • memory/2676-136-0x0000000000880000-0x00000000008F3000-memory.dmp

    Filesize

    460KB

    Download