Overview

overview

8

Static

static

c7a4afd93b...31.exe

windows7-x64

8

c7a4afd93b...31.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    136s
  • max time network
    154s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220812-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system
  • submitted
    02/12/2022, 23:00

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    c7a4afd93b84f9ea311bd8f4f332f6e2a59bd95343644ada2ff492a76a0e6731.exe

  • Size

    400KB

  • MD5

    ec5c45192046fae230c06c3d52bda528

  • SHA1

    3bfab1d44711740ae2ca942fab6a3cc4f4cf0cff

  • SHA256

    c7a4afd93b84f9ea311bd8f4f332f6e2a59bd95343644ada2ff492a76a0e6731

  • SHA512

    ce2092145279b5e1083f793066969042241b56f0e3218eb73b969ecf2935579af65cdb878892034994575facecb75b55da0ddbb9c6352976a366bd0786d2d97e

  • SSDEEP

    12288:KBAsu/1OsCzbT7YebtN2rMFpouF0/D60:XMzEgNPFpoz/9

Score
8/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Drops file in Program Files directory 1 IoCs
  • Suspicious use of SetWindowsHookEx 8 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\c7a4afd93b84f9ea311bd8f4f332f6e2a59bd95343644ada2ff492a76a0e6731.exe
    "C:\Users\Admin\AppData\Local\Temp\c7a4afd93b84f9ea311bd8f4f332f6e2a59bd95343644ada2ff492a76a0e6731.exe"
    1⤵
    • Drops file in Program Files directory
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:4948
    • C:\Program Files\Polish\ortuguese.exe
      "C:\Program Files\Polish\ortuguese.exe" "33201"
      2⤵
      • Executes dropped EXE
      • Suspicious use of SetWindowsHookEx
      PID:1532

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Program Files\Polish\ortuguese.exe
          Filesize

          400KB

          MD5

          d652441525e8242a9cd2dcb140e35983

          SHA1

          6e41418f4657ab98463fc4fb7c37a6791ab7f77f

          SHA256

          d280fe3903fe045173b008db2049680ceec0584a34c0cedcd87758d2008e40f0

          SHA512

          6297c7ff02e80808d26040145f0f01992ed50a9d9bb2dbb0e2466709e61edb1bb3d59e614c1de131ba08c9a245469ddc40f1bf61986a9907935d0d1bdf9ef702

          Download Submit

        • C:\Program Files\Polish\ortuguese.exe
          Filesize

          400KB

          MD5

          d652441525e8242a9cd2dcb140e35983

          SHA1

          6e41418f4657ab98463fc4fb7c37a6791ab7f77f

          SHA256

          d280fe3903fe045173b008db2049680ceec0584a34c0cedcd87758d2008e40f0

          SHA512

          6297c7ff02e80808d26040145f0f01992ed50a9d9bb2dbb0e2466709e61edb1bb3d59e614c1de131ba08c9a245469ddc40f1bf61986a9907935d0d1bdf9ef702

          Download Submit