Overview

overview

7

Static

static

c11d4035a7...6e.exe

windows7-x64

7

c11d4035a7...6e.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    142s
  • max time network
    163s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220812-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system
  • submitted
    27-11-2022 02:00

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    c11d4035a782df13f18c609da6172b732144559c92c4dcb9e3e6e3c953d62b6e.exe

  • Size

    4.3MB

  • MD5

    e4fb24fb0ea28b43afc2e5b75e9a2f7e

  • SHA1

    40b0fc59200e6932e77683063928aa325c6a8a4a

  • SHA256

    c11d4035a782df13f18c609da6172b732144559c92c4dcb9e3e6e3c953d62b6e

  • SHA512

    93acc67b194d6cb5a06c76d9447437e5c78cac898c53aba5f88b0489ef2665e1b123577baa633aaa74a55caaec7d3bad9bff8f40cab35ec08c62586a7d5cfa28

  • SSDEEP

    98304:JiNP0Go1i9NAaOVinE+QXvSmEQvmozmy7ry5sEC5u1xzqLKzh:WPto1P+QfJmoG5CYD2LKzh

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 2 IoCs
  • Suspicious behavior: EnumeratesProcesses 2 IoCs
  • Suspicious use of SetWindowsHookEx 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\c11d4035a782df13f18c609da6172b732144559c92c4dcb9e3e6e3c953d62b6e.exe
    "C:\Users\Admin\AppData\Local\Temp\c11d4035a782df13f18c609da6172b732144559c92c4dcb9e3e6e3c953d62b6e.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of SetWindowsHookEx
    PID:2972

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\epi9928.tmp
    Filesize

    172KB

    MD5

    3d293cfb1308bf53aabf1d4bc2aa0833

    SHA1

    d37fd7a138c788e55d3ca4bebbdf15bd624b0d6c

    SHA256

    e0614182011dd8c652a60817cb8427277b19e7b1348778ac84e8e41e62e646a1

    SHA512

    6905a1fc173bd094a698c4441ffac07e56c692e34ce127bac1dab8b88ee262ccf196e64988541309ae490d318191d0b3c22e1ee9c2e199a72c2882599256e31f

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\epi9928.tmp
    Filesize

    172KB

    MD5

    3d293cfb1308bf53aabf1d4bc2aa0833

    SHA1

    d37fd7a138c788e55d3ca4bebbdf15bd624b0d6c

    SHA256

    e0614182011dd8c652a60817cb8427277b19e7b1348778ac84e8e41e62e646a1

    SHA512

    6905a1fc173bd094a698c4441ffac07e56c692e34ce127bac1dab8b88ee262ccf196e64988541309ae490d318191d0b3c22e1ee9c2e199a72c2882599256e31f

    Download Submit

  • memory/2972-132-0x0000000000400000-0x000000000084F000-memory.dmp

    Filesize

    4.3MB

    Download

  • memory/2972-135-0x00000000025D0000-0x0000000002643000-memory.dmp

    Filesize

    460KB

    Download

  • memory/2972-136-0x00000000025D0000-0x0000000002643000-memory.dmp

    Filesize

    460KB

    Download

  • memory/2972-137-0x0000000000400000-0x000000000084F000-memory.dmp

    Filesize

    4.3MB

    Download

  • memory/2972-138-0x00000000025D0000-0x0000000002643000-memory.dmp

    Filesize

    460KB

    Download

  • memory/2972-139-0x00000000025D0000-0x0000000002643000-memory.dmp

    Filesize

    460KB

    Download