Overview

overview

8

Static

static

75501dffe1...9d.exe

windows7-x64

8

75501dffe1...9d.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    152s
  • max time network
    139s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220812-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system
  • submitted
    01-12-2022 03:21

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    75501dffe10e62d8fde7033c2ed428105e39335e0f5ad52b06ffec66c40c8a9d.exe

  • Size

    332KB

  • MD5

    774986b4933fada2a7d86fd8812f38ee

  • SHA1

    009cbea9d50212250003a7c48c9598ad3e456b3d

  • SHA256

    75501dffe10e62d8fde7033c2ed428105e39335e0f5ad52b06ffec66c40c8a9d

  • SHA512

    43c9b736d04fcdc68a7dd6bd7173fafeb87b1ae72fe07e1beb259da238266549d0cb1e307fc60dac93655345c333b3ce4b4f3e918cc5052c81dc4b3c75cbd961

  • SSDEEP

    6144:KkQU0/L5/fx9h/P3vgQf0R+738XSiJxlTbExPcxkn2PhDoHji3sl5p2+FMLZoe:5x0/jz5f0RO3+JTXIcyn2hcH+3sZTe

Score
8/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Suspicious use of SetThreadContext 1 IoCs
  • Drops file in Windows directory 1 IoCs
  • Modifies registry class 47 IoCs
  • NTFS ADS 1 IoCs
  • Suspicious behavior: EnumeratesProcesses 64 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs

Processes

  • C:\Windows\Explorer.EXE
    C:\Windows\Explorer.EXE
    1⤵
      PID:3044
      • C:\Users\Admin\AppData\Local\Temp\75501dffe10e62d8fde7033c2ed428105e39335e0f5ad52b06ffec66c40c8a9d.exe
        "C:\Users\Admin\AppData\Local\Temp\75501dffe10e62d8fde7033c2ed428105e39335e0f5ad52b06ffec66c40c8a9d.exe"
        2⤵
        • Suspicious use of SetThreadContext
        • Drops file in Windows directory
        • Modifies registry class
        • NTFS ADS
        • Suspicious behavior: EnumeratesProcesses
        • Suspicious use of SetWindowsHookEx
        • Suspicious use of WriteProcessMemory
        PID:4656
        • C:\Users\Admin\AppData\Local\Temp\75501dffe10e62d8fde7033c2ed428105e39335e0f5ad52b06ffec66c40c8a9d.exe
          "C:\Users\Admin\AppData\Local\Temp\75501dffe10e62d8fde7033c2ed428105e39335e0f5ad52b06ffec66c40c8a9d.exe"
          3⤵
          • Executes dropped EXE
          • Suspicious behavior: EnumeratesProcesses
          • Suspicious use of WriteProcessMemory
          PID:1332

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • C:\Users\Admin\AppData\Local\Temp\75501dffe10e62d8fde7033c2ed428105e39335e0f5ad52b06ffec66c40c8a9d.exe
      Filesize

      332KB

      MD5

      774986b4933fada2a7d86fd8812f38ee

      SHA1

      009cbea9d50212250003a7c48c9598ad3e456b3d

      SHA256

      75501dffe10e62d8fde7033c2ed428105e39335e0f5ad52b06ffec66c40c8a9d

      SHA512

      43c9b736d04fcdc68a7dd6bd7173fafeb87b1ae72fe07e1beb259da238266549d0cb1e307fc60dac93655345c333b3ce4b4f3e918cc5052c81dc4b3c75cbd961

      Download Submit

    • memory/1332-138-0x0000000000000000-mapping.dmp

      Download

    • memory/1332-139-0x0000000000400000-0x0000000000403000-memory.dmp

      Filesize

      12KB

      Download

    • memory/1332-145-0x0000000000400000-0x0000000000402400-memory.dmp

      Filesize

      9KB

      Download

    • memory/4656-132-0x0000000000400000-0x0000000000452000-memory.dmp

      Filesize

      328KB

      Download

    • memory/4656-133-0x0000000000730000-0x0000000000762000-memory.dmp

      Filesize

      200KB

      Download

    • memory/4656-134-0x0000000000400000-0x0000000000452000-memory.dmp

      Filesize

      328KB

      Download

    • memory/4656-136-0x0000000000400000-0x0000000000452000-memory.dmp

      Filesize

      328KB

      Download

    • memory/4656-142-0x0000000000400000-0x0000000000452000-memory.dmp

      Filesize

      328KB

      Download

    • memory/4656-143-0x0000000000730000-0x0000000000762000-memory.dmp

      Filesize

      200KB

      Download

    • memory/4656-144-0x0000000000400000-0x0000000000452000-memory.dmp

      Filesize

      328KB

      Download