Analysis

  • max time kernel
    317s
  • max time network
    423s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20221111-en
  • resource tags

    arch:x64 arch:x86 image:win10v2004-20221111-en locale:en-us os:windows10-2004-x64 system
  • submitted
    30-11-2022 16:44

General

  • Target

    b21e1f9b59c893d80782a0d2570db2292144a47722ac03c7c4113bed6426e584.exe

  • Size

    1.1MB

  • MD5

    ab739127f72512d0f631484fbe80bacd

  • SHA1

    8447441d6d85015630e74851eaae4ecca274c33c

  • SHA256

    b21e1f9b59c893d80782a0d2570db2292144a47722ac03c7c4113bed6426e584

  • SHA512

    d161ae4fe0adb2cf285fc0337bdf76d00dd7045701f488cc4a36d0727ca2c0a479ae56b38a452f392c2af6fdedbe11aa5228d293e783ca3f87fee260c3fc6f94

  • SSDEEP

    12288:XLx2KpmgXvsBBElYrUql5UWHFJuUJ095c0yjhjOuJ1r55pA:XLxQgXvs/EqrUqoIJuUGXA155+

Score
8/10

Malware Config

Signatures

  • Dave packer 1 IoCs

    Detects executable using a packer named 'Dave' by the community, based on a string at the end.

  • Suspicious use of SetWindowsHookEx 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\b21e1f9b59c893d80782a0d2570db2292144a47722ac03c7c4113bed6426e584.exe
    "C:\Users\Admin\AppData\Local\Temp\b21e1f9b59c893d80782a0d2570db2292144a47722ac03c7c4113bed6426e584.exe"
    • Suspicious use of SetWindowsHookEx
    PID:1056

Network

MITRE ATT&CK Matrix

Downloads

  • memory/1056-132-0x00000000024C0000-0x0000000002511000-memory.dmp
    Filesize

    324KB

  • memory/1056-136-0x0000000010000000-0x000000001004F000-memory.dmp
    Filesize

    316KB

  • memory/1056-139-0x0000000002530000-0x000000000257E000-memory.dmp
    Filesize

    312KB

  • memory/1056-144-0x0000000002470000-0x00000000024BE000-memory.dmp
    Filesize

    312KB