Overview

overview

7

Static

static

ced815bf72...da.exe

windows7-x64

7

ced815bf72...da.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    320s
  • max time network
    417s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20221111-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20221111-enlocale:en-usos:windows10-2004-x64system
  • submitted
    29/11/2022, 11:09

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    ced815bf72d788be2320ac655b73c9f01421f377909397157b3b7bfe7ea250da.exe

  • Size

    835KB

  • MD5

    c9c5058b73094eabeff42033eabbd272

  • SHA1

    258e11b2f69e498904863a16aa1f598e562f50ce

  • SHA256

    ced815bf72d788be2320ac655b73c9f01421f377909397157b3b7bfe7ea250da

  • SHA512

    2fa8bce608df8fbc0b67d4693c445ea17e9209dab739d6c0034157e90e19d8fdb97c2cdb3f622ff1a5e1d0a61e559624840dec1e3da8d508d003f6ffc3f5837f

  • SSDEEP

    24576:E3ALk5agPCs2bkS89Pag1R6kbLR3zSoWc:E3Ahg6s2Nmf7bLR3zSoWc

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 5 IoCs
  • Suspicious use of SetWindowsHookEx 16 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\ced815bf72d788be2320ac655b73c9f01421f377909397157b3b7bfe7ea250da.exe
    "C:\Users\Admin\AppData\Local\Temp\ced815bf72d788be2320ac655b73c9f01421f377909397157b3b7bfe7ea250da.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of SetWindowsHookEx
    PID:1272

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\E_4\HtmlView.fne
    Filesize

    224KB

    MD5

    59f0a258fa01bce2a69d263bea890e40

    SHA1

    b12b47e9c7ea859967ed75facdce4b54f9911a41

    SHA256

    0352856a5f8645f90857baee3d6310e88215f6489b2641b2682ee6cde3b2d4e2

    SHA512

    588ac395416b3fca6580f5de872b49aa81a21f97ff482eae286072f4bffeeef332170a27fa866b4a425dffdf0f107d659637eaeda5035d8e8458e6d800c11ae3

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\E_4\HtmlView.fne
    Filesize

    224KB

    MD5

    59f0a258fa01bce2a69d263bea890e40

    SHA1

    b12b47e9c7ea859967ed75facdce4b54f9911a41

    SHA256

    0352856a5f8645f90857baee3d6310e88215f6489b2641b2682ee6cde3b2d4e2

    SHA512

    588ac395416b3fca6580f5de872b49aa81a21f97ff482eae286072f4bffeeef332170a27fa866b4a425dffdf0f107d659637eaeda5035d8e8458e6d800c11ae3

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\E_4\iext.fnr
    Filesize

    212KB

    MD5

    6c0b74908c48f17b7c280a8702de36da

    SHA1

    1ac380e5d8dd5c3b5f92a0fdaab7f9e83b6867c2

    SHA256

    09533a0e86418974acf36dfd2f87b753a169890494bef4832c45811864b55d51

    SHA512

    1b39241d44dddf72248f3b38e7e8088aa23df4e74fef30580a671af59e45dc7c48a2cce7e3b628a8242db85fae535f2af03a6202cbe5ac73d170af05b147312e

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\E_4\iext.fnr
    Filesize

    212KB

    MD5

    6c0b74908c48f17b7c280a8702de36da

    SHA1

    1ac380e5d8dd5c3b5f92a0fdaab7f9e83b6867c2

    SHA256

    09533a0e86418974acf36dfd2f87b753a169890494bef4832c45811864b55d51

    SHA512

    1b39241d44dddf72248f3b38e7e8088aa23df4e74fef30580a671af59e45dc7c48a2cce7e3b628a8242db85fae535f2af03a6202cbe5ac73d170af05b147312e

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\E_4\krnln.fnr
    Filesize

    1.1MB

    MD5

    e9a17293fcd7febc44fbfd4d9e3ebb00

    SHA1

    437666a318d95635edaad29ba3e33411445c9847

    SHA256

    7a339e0b50ce189beb3653fb972aad5539e3cd76f688951f64f8bbbaf6b95c37

    SHA512

    93b2e96d3b923ee5da9b5e81591dab84f5448c7f0180366a397a30e3f52cf544396426b3eb158eab21f3868d3ec88a604f4bad3d75fc08854b60aeb46250e65e

    Download Submit

  • memory/1272-133-0x0000000000400000-0x0000000000413000-memory.dmp

    Filesize

    76KB

    Download

  • memory/1272-136-0x00000000022F0000-0x0000000002333000-memory.dmp

    Filesize

    268KB

    Download

  • memory/1272-140-0x0000000002340000-0x000000000237B000-memory.dmp

    Filesize

    236KB

    Download