Overview

overview

9

Static

static

c1a7bd12b4...22.exe

windows7-x64

9

c1a7bd12b4...22.exe

windows10-2004-x64

9

Analysis

  • max time kernel
    148s
  • max time network
    159s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220812-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system
  • submitted
    29-11-2022 07:30

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    c1a7bd12b42f30d888a4f9677f8be8a4f91a5ed3a26d1166fcb55a33c6160a22.exe

  • Size

    249KB

  • MD5

    015822af1763af11496b59c3991f0127

  • SHA1

    9d724c7e91cf821a21a4a801cb093d2fc1c0d857

  • SHA256

    c1a7bd12b42f30d888a4f9677f8be8a4f91a5ed3a26d1166fcb55a33c6160a22

  • SHA512

    f885af30c4ec7b3d80dfca853e8f0de2a34c106591255b63978812029c0bd20ebeb542bd75542509ec02d1f435d009e36b3030b866a515aa82bc9882144252f6

  • SSDEEP

    6144:cQVNGn9ztM+P4z3zhrWEFakW25jvuEl9liL:c2NG9JZPm3NrWE7j2g9e

Score
9/10

Malware Config

Signatures

  • ACProtect 1.3x - 1.4x DLL software 2 IoCs

    Detects file using ACProtect software.

  • Loads dropped DLL 2 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\c1a7bd12b42f30d888a4f9677f8be8a4f91a5ed3a26d1166fcb55a33c6160a22.exe
    "C:\Users\Admin\AppData\Local\Temp\c1a7bd12b42f30d888a4f9677f8be8a4f91a5ed3a26d1166fcb55a33c6160a22.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of SetWindowsHookEx
    PID:1940

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\epi9928.tmp
    Filesize

    172KB

    MD5

    4f407b29d53e9eb54e22d096fce82aa7

    SHA1

    a4ee25b066cac19ff679dd491f5791652bb71185

    SHA256

    cf0ecf30fc95800a34105acb9bcb484bb594a35b3ef26ace8f122af4f9f888dc

    SHA512

    325f7b599455195101e4c0dafd3654906d20ed2c1ce2a5f38784635e16ab545df6ee44a83bed6128239be2dee5be110552c7b246b7f52482ab31552e14b54183

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\epi9928.tmp
    Filesize

    172KB

    MD5

    4f407b29d53e9eb54e22d096fce82aa7

    SHA1

    a4ee25b066cac19ff679dd491f5791652bb71185

    SHA256

    cf0ecf30fc95800a34105acb9bcb484bb594a35b3ef26ace8f122af4f9f888dc

    SHA512

    325f7b599455195101e4c0dafd3654906d20ed2c1ce2a5f38784635e16ab545df6ee44a83bed6128239be2dee5be110552c7b246b7f52482ab31552e14b54183

    Download Submit

  • memory/1940-132-0x0000000000400000-0x0000000000416000-memory.dmp

    Filesize

    88KB

    Download

  • memory/1940-135-0x0000000001E00000-0x0000000001E74000-memory.dmp

    Filesize

    464KB

    Download

  • memory/1940-136-0x0000000000400000-0x0000000000416000-memory.dmp

    Filesize

    88KB

    Download

  • memory/1940-137-0x0000000001E00000-0x0000000001E74000-memory.dmp

    Filesize

    464KB

    Download