Overview

overview

9

Static

static

332c5e17d1...db.exe

windows7-x64

9

332c5e17d1...db.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    156s
  • max time network
    178s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20221111-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20221111-enlocale:en-usos:windows10-2004-x64system
  • submitted
    27/11/2022, 17:11

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    332c5e17d123702948d054f806cf07f1e228da1642629cf39563098ef927bfdb.exe

  • Size

    4.3MB

  • MD5

    2bdbd2c2c7042a202f86162139ff9f3f

  • SHA1

    22af632056628a6fc3e1982da670681650f76f06

  • SHA256

    332c5e17d123702948d054f806cf07f1e228da1642629cf39563098ef927bfdb

  • SHA512

    38ef2deb896d2fd1951374c212ea5f4cc63b9e2d94eb73b5002a9a45103eb79573312e054fd0b4f50a5739958308ca56b4a4af7289e164cd37a11001e1074918

  • SSDEEP

    98304:WZ5jGte9zGWPdSzvynuommzfpXpP2bVzHSO5/JwPj0UqC4N2ypbHKfCGbzs7WMDe:q5GMPduo2ZHrRJwPj0C4YO7K6Gbzso

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 2 IoCs
  • Drops file in System32 directory 2 IoCs
  • Suspicious use of SetWindowsHookEx 5 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\332c5e17d123702948d054f806cf07f1e228da1642629cf39563098ef927bfdb.exe
    "C:\Users\Admin\AppData\Local\Temp\332c5e17d123702948d054f806cf07f1e228da1642629cf39563098ef927bfdb.exe"
    1⤵
    • Loads dropped DLL
    • Drops file in System32 directory
    • Suspicious use of SetWindowsHookEx
    PID:4628

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\4628e56bd3a\mDll.dll
    Filesize

    623KB

    MD5

    4c36d3a9d032caeedfbaf024eb87bf68

    SHA1

    586b549d39445a9e15fc51620c4e8b7ffe2533d4

    SHA256

    64050e264b7cba63affa4d18bcfc8eca0e7799ba9813059e669674d9c05f9816

    SHA512

    dfe72b23affeb3c5571b467cfe21af058aa37fb8e44d6efbfd6a1b953fe166e2c8c6c47170e7a837ffcd884171b4b85ee361fb76cb2019ec293b87362128fb6a

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\4628e56bd3a\mLib.dll
    Filesize

    3.1MB

    MD5

    4d0c969dd580676e02e8756c8e6ef2ea

    SHA1

    95216aaf64775cf3629d695ffd228269aa864823

    SHA256

    16e26bff95f6069dc775caa00f23b00f7e6df68a306250abb25c35be7d3a98d4

    SHA512

    0ca8dbd1481e046375b3033790e7a029ca03020b13bd5e6f2c75728bd8f3f2a8a2b949d5763a4de8c702ad2f1c6ccf328c30148606971f7df5cd020a0f241a7c

    Download Submit