Overview

overview

8

Static

static

aeb51e6017...02.exe

windows7-x64

8

aeb51e6017...02.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    169s
  • max time network
    173s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220812-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system
  • submitted
    01/12/2022, 13:32

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    aeb51e6017239f8136fd2bb36ef176750ce4658778d048ab2a0b14f9719b4e02.exe

  • Size

    87KB

  • MD5

    662c0c1974e2f0a8fa14180351da2f49

  • SHA1

    2cf29811f53bca6abc948f3d3978d564ef6da61a

  • SHA256

    aeb51e6017239f8136fd2bb36ef176750ce4658778d048ab2a0b14f9719b4e02

  • SHA512

    eb431e7c24a9602279ee5b2d447a78245a8ff6f54d7d092ff64ebc0d5a820b13d35ec91890356c5de299427c425069c46e03f7b9e6bacd3ce029dec9f6d48367

  • SSDEEP

    1536:BE5EqE/tHCYUE5EqE/ktAi1SQTLkTomuaJRVIoVL4dFG9NUD5icGbe0CFdvTnW:ttHmkiicquFZL4dF7DMbe0CrvT

Score
8/10

Malware Config

Signatures

  • Drops file in Drivers directory 1 IoCs
  • Loads dropped DLL 2 IoCs
  • Drops file in System32 directory 1 IoCs
  • Modifies registry class 64 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\aeb51e6017239f8136fd2bb36ef176750ce4658778d048ab2a0b14f9719b4e02.exe
    "C:\Users\Admin\AppData\Local\Temp\aeb51e6017239f8136fd2bb36ef176750ce4658778d048ab2a0b14f9719b4e02.exe"
    1⤵
    • Drops file in Drivers directory
    • Loads dropped DLL
    • Drops file in System32 directory
    • Modifies registry class
    • Suspicious use of SetWindowsHookEx
    PID:2064

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Windows\SysWOW64\msinet.ocx
    Filesize

    112KB

    MD5

    7bec181a21753498b6bd001c42a42722

    SHA1

    3249f233657dc66632c0539c47895bfcee5770cc

    SHA256

    73da54b69911bdd08ea8bbbd508f815ef7cfa59c4684d75c1c602252ec88ee31

    SHA512

    d671e25ae5e02a55f444d253f0e4a42af6a5362d9759fb243ad6d2c333976ab3e98669621ec0850ad915ee06acbe8e70d77b084128fc275462223f4f5ab401bc

    Download Submit

  • C:\Windows\SysWOW64\msinet.ocx
    Filesize

    112KB

    MD5

    7bec181a21753498b6bd001c42a42722

    SHA1

    3249f233657dc66632c0539c47895bfcee5770cc

    SHA256

    73da54b69911bdd08ea8bbbd508f815ef7cfa59c4684d75c1c602252ec88ee31

    SHA512

    d671e25ae5e02a55f444d253f0e4a42af6a5362d9759fb243ad6d2c333976ab3e98669621ec0850ad915ee06acbe8e70d77b084128fc275462223f4f5ab401bc

    Download Submit

  • memory/2064-132-0x0000000000400000-0x0000000000419000-memory.dmp

    Filesize

    100KB

    Download

  • memory/2064-137-0x0000000000400000-0x0000000000419000-memory.dmp

    Filesize

    100KB

    Download