Overview

overview

8

Static

static

8

cf�...��.exe

windows7-x64

1

cf�...��.exe

windows10-2004-x64

1

cf�...wg.exe

windows7-x64

8

cf�...wg.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    177s
  • max time network
    231s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20221111-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20221111-enlocale:en-usos:windows10-2004-x64system
  • submitted
    25/11/2022, 20:42

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    cf[]Զǹ+ʮ׼[޸]/cf��.exe

  • Size

    44KB

  • MD5

    2ddd1c11b0bab48b6493dcebbf085c03

  • SHA1

    d022ca5bc6953456721c0fb12e44d02d583df932

  • SHA256

    805e3bac58b532f84e41c65a4e47114656c6c9ea7490728e54c59204c1ad7867

  • SHA512

    28408f258ca67b533b15676c61afa263b8d0ea79b51e0a911e140c896be4c5f2ffa259705e2ff46dcc7f23151c76d5184fcbb88c7b8309e17d1d387df67e670f

  • SSDEEP

    768:RtjCjA5eMVH0tTlzM+YnehpInBQmpInBQhk:39h0HuehpopTk

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 1 IoCs
    adwarespyware
  • Modifies Internet Explorer start page 1 TTPs 1 IoCs
    stealer
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\cf[]Զǹ+ʮ׼[޸]\cf��.exe
    "C:\Users\Admin\AppData\Local\Temp\cf[]Զǹ+ʮ׼[޸]\cf��.exe"
    1⤵
    • Modifies Internet Explorer settings
    • Modifies Internet Explorer start page
    • Suspicious use of SetWindowsHookEx
    PID:3796

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads