Overview

overview

9

Static

static

eb602f8b63...30.exe

windows7-x64

9

eb602f8b63...30.exe

windows10-2004-x64

9

Analysis

  • max time kernel
    52s
  • max time network
    32s
  • platform
    windows7_x64
  • resource
    win7-20221111-en
  • resource tags

    arch:x64arch:x86image:win7-20221111-enlocale:en-usos:windows7-x64system
  • submitted
    02-12-2022 17:02

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    eb602f8b633a3d87b0bf505573e32632e9d7fcc470e434e50df0e97be3201730.exe

  • Size

    230KB

  • MD5

    a2f5f41d61919e4609d173889845e2e4

  • SHA1

    d1207c218504f3cef7059999a05342a06c1138b2

  • SHA256

    eb602f8b633a3d87b0bf505573e32632e9d7fcc470e434e50df0e97be3201730

  • SHA512

    69aea738db886dce0b89aaaf72ec263e624cd10f7f9b58051850d8b8583e99cd451010ed7b0d7fe4d7f6327da2dbdc9fe282507f133f2345b5a0f3d32bdcc6eb

  • SSDEEP

    1536:Ez7XE3QjjRDnQmJ0FITbz8PTlX2Vf5FAvNfmLHfq9dk11C2MC6kpO7xMx:EzrE+joI3z87lmpiMS9EC2MC8FI

Score
9/10

Malware Config

Signatures

  • ACProtect 1.3x - 1.4x DLL software 1 IoCs

    Detects file using ACProtect software.

  • Loads dropped DLL 1 IoCs
  • Drops file in System32 directory 1 IoCs
  • Suspicious use of SetWindowsHookEx 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\eb602f8b633a3d87b0bf505573e32632e9d7fcc470e434e50df0e97be3201730.exe
    "C:\Users\Admin\AppData\Local\Temp\eb602f8b633a3d87b0bf505573e32632e9d7fcc470e434e50df0e97be3201730.exe"
    1⤵
    • Loads dropped DLL
    • Drops file in System32 directory
    • Suspicious use of SetWindowsHookEx
    PID:1152

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • \Windows\SysWOW64\s32kcp.dll
    Filesize

    24KB

    MD5

    d9ea52d19a203cd964263272315a71d8

    SHA1

    5aa90f154e5bb01351523e97d37fb20e69ee7b6e

    SHA256

    ca34b8abaa6ef2e5c334bf1e3b6c40113daa85d292a4979ff485d0e39380864d

    SHA512

    d67e6fa33fd80147aff518c982eb8ae255b06d13a5be08ddc264eb00b6563e5e8efb00c08cf5b31e738b13a2d3faf78fa3d97ed3fded15dbce1ad050bf9081e7

    Download Submit

  • memory/1152-54-0x0000000000400000-0x000000000046D000-memory.dmp

    Filesize

    436KB

    Download

  • memory/1152-55-0x0000000075881000-0x0000000075883000-memory.dmp

    Filesize

    8KB

    Download

  • memory/1152-56-0x0000000000400000-0x000000000046D000-memory.dmp

    Filesize

    436KB

    Download

  • memory/1152-58-0x0000000010000000-0x0000000010017000-memory.dmp

    Filesize

    92KB

    Download

  • memory/1152-59-0x0000000010000000-0x0000000010017000-memory.dmp

    Filesize

    92KB

    Download