Analysis
- max time kernel: 42s
- max time network: 47s
- platform: windows7_x64
- resource: win7-20220812-en
- resource tags: arch:x64, arch:x86, image:win7-20220812-en, locale:en-us, os:windows7-x64, system
- submitted: 25-11-2022 12:37
Static task: static1
Behavioral task: behavioral1
- Sample: 5f38443b74409afe1399cb1612952bcfb0c7949299df0eab623c04f905fabee5.exe
- Resource: win7-20220812-en
Behavioral task: behavioral2
- Sample: 5f38443b74409afe1399cb1612952bcfb0c7949299df0eab623c04f905fabee5.exe
- Resource: win10v2004-20221111-en
General
- Target: 5f38443b74409afe1399cb1612952bcfb0c7949299df0eab623c04f905fabee5.exe
- Size: 684KB
- MD5: 6b2701145d373bf071e9ec0ee22872c3
- SHA1: 8164f70cdc93cb9a84613155b40fdb5c3c1463bb
- SHA256: 5f38443b74409afe1399cb1612952bcfb0c7949299df0eab623c04f905fabee5
- SHA512: 2f96d00ce873202290b3249ebe53a4742155a7c68750459e7547feb1c720749fbc9f63b13d68faccde749674ce9e032d898b3dc9070d875889ddc9a35761f24a
- SSDEEP: 12288:HcFpmo1qX+UDFlbsxiVri38WWsR5nWFpPoSC+:Hy4uUD7bsxsraWfbZ
Malware Config
Signatures
- Processes:
  resource: behavioral1/memory/1184-55-0x0000000010000000-0x000000001003E000-memory.dmp; yara_rule: upx
- Drops file in Windows directory (2 IoCs)
  Processes: 5f38443b74409afe1399cb1612952bcfb0c7949299df0eab623c04f905fabee5.exe
  description: File created; ioc: C:\Windows\win8.she; process: 5f38443b74409afe1399cb1612952bcfb0c7949299df0eab623c04f905fabee5.exe
  description: File created; ioc: C:\Windows\jedata.dll; process: 5f38443b74409afe1399cb1612952bcfb0c7949299df0eab623c04f905fabee5.exe
- Suspicious use of SetWindowsHookEx (3 IoCs)
  Processes: 5f38443b74409afe1399cb1612952bcfb0c7949299df0eab623c04f905fabee5.exe
  pid: 1184; process: 5f38443b74409afe1399cb1612952bcfb0c7949299df0eab623c04f905fabee5.exe
  pid: 1184; process: 5f38443b74409afe1399cb1612952bcfb0c7949299df0eab623c04f905fabee5.exe
  pid: 1184; process: 5f38443b74409afe1399cb1612952bcfb0c7949299df0eab623c04f905fabee5.exe