Overview

overview

7

Static

static

9836bebe77...56.exe

windows7-x64

7

9836bebe77...56.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    24s
  • max time network
    77s
  • platform
    windows7_x64
  • resource
    win7-20221111-en
  • resource tags

    arch:x64arch:x86image:win7-20221111-enlocale:en-usos:windows7-x64system
  • submitted
    03/12/2022, 15:37

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    9836bebe770095a1e70f0c715a3118c79e27d878c8f04376ce1cde5e7bce2c56.exe

  • Size

    1.5MB

  • MD5

    8e4d12485a2856f537845a7e8efc5c46

  • SHA1

    8d5b63b9fd16f834989f3dfc328768c4057d0e6a

  • SHA256

    9836bebe770095a1e70f0c715a3118c79e27d878c8f04376ce1cde5e7bce2c56

  • SHA512

    d4009c5f46cff3efdfc52566eac76e383cf820db578b20c3db46f455d165cda41987de36c9e063e12e79813936a05fb5217bcab8fcc4a70f5aebd1884c0c5bb2

  • SSDEEP

    24576:vhOmIC7QYxJEN/V1NXA2SzpYtd1xFPy5LovIzT7RTRmjdwv5UhtnIdisrYZg7WRU:5OjC79xJENe2SzSt7a5L+IzvqBLI027B

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 7 IoCs
  • Drops file in System32 directory 2 IoCs
  • Suspicious use of SetWindowsHookEx 20 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\9836bebe770095a1e70f0c715a3118c79e27d878c8f04376ce1cde5e7bce2c56.exe
    "C:\Users\Admin\AppData\Local\Temp\9836bebe770095a1e70f0c715a3118c79e27d878c8f04376ce1cde5e7bce2c56.exe"
    1⤵
    • Loads dropped DLL
    • Drops file in System32 directory
    • Suspicious use of SetWindowsHookEx
    PID:1372

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • \Users\Admin\AppData\Local\Temp\E_4\HtmlView.fne
          Filesize

          224KB

          MD5

          59f0a258fa01bce2a69d263bea890e40

          SHA1

          b12b47e9c7ea859967ed75facdce4b54f9911a41

          SHA256

          0352856a5f8645f90857baee3d6310e88215f6489b2641b2682ee6cde3b2d4e2

          SHA512

          588ac395416b3fca6580f5de872b49aa81a21f97ff482eae286072f4bffeeef332170a27fa866b4a425dffdf0f107d659637eaeda5035d8e8458e6d800c11ae3

          Download Submit

        • \Users\Admin\AppData\Local\Temp\E_4\TrayIcon.fne
          Filesize

          148KB

          MD5

          f92db07c8a5a6560eaa73ff061253a34

          SHA1

          4605b826f6b4935ce8f0a18538d50a73af4e141a

          SHA256

          2eb3cd581baff6c2b6669fc52a457378d8521c00bdac6d3639316bda380aab3d

          SHA512

          855c6f696457296d06dc216acaa3459b5c41d2b6e93860e04da0ff7f7ace79c69a1b56bd5d2d8dd536624e2f9ff8de10e0d121d57e8781c8a4d3864ca52ae127

          Download Submit

        • \Users\Admin\AppData\Local\Temp\E_4\iext.fnr
          Filesize

          212KB

          MD5

          6c0b74908c48f17b7c280a8702de36da

          SHA1

          1ac380e5d8dd5c3b5f92a0fdaab7f9e83b6867c2

          SHA256

          09533a0e86418974acf36dfd2f87b753a169890494bef4832c45811864b55d51

          SHA512

          1b39241d44dddf72248f3b38e7e8088aa23df4e74fef30580a671af59e45dc7c48a2cce7e3b628a8242db85fae535f2af03a6202cbe5ac73d170af05b147312e

          Download Submit

        • \Users\Admin\AppData\Local\Temp\E_4\iext5.fne
          Filesize

          320KB

          MD5

          44509383fced4ffcfd46f28a45575fb5

          SHA1

          aa546a03aa9fdd81a08b569fb8bd09aad6843f8e

          SHA256

          1aa9c8e466944014db272f639d5fa79f86d6533f08d6a753cd379b17ba0b1cc6

          SHA512

          0c34b684ba58fb34ec79b090b0b288e9f9874c57b2f465caec3e15c278ec107729613a5152ced2a7227a8ac14a1915a8d9ff03a23cb5d528de3808c86c553fd7

          Download Submit

        • \Users\Admin\AppData\Local\Temp\E_4\internet.fne
          Filesize

          192KB

          MD5

          43d82c51112e0f95b6b4770548584454

          SHA1

          d7b4a37c9de79ebd2a84904d08202c860a34eb05

          SHA256

          1e97c1aed1785b35076cd246086f2b254b71ef0f22400bfa056b05a43d766d79

          SHA512

          c769d7de070c11b7d73f9d6deaf1db16cefa5b980c13ccd25ef25129ea3df51ec6d033265ee5fb466327781cc5360c34e8d1766663d01fd74f6b9c7323482be9

          Download Submit

        • \Users\Admin\AppData\Local\Temp\E_4\krnln.fnr
          Filesize

          370KB

          MD5

          3c13b5fab089005075dc38de072f4757

          SHA1

          a18f3eb7afa9f61cfe5f0d9b42df64b7f28fd7fb

          SHA256

          b4ab6a8623461f571deda2c5c2b6a94ff64e4229225569c167f265c698778a38

          SHA512

          c993abd049ff523b55b2134973321d241dee39c284624e823341be503b904d8744aed0c25460f6483946dbe8ad6b8aa4a5a422c08173531f0d78144e8f6f9de9

          Download Submit

        • \Users\Admin\AppData\Local\Temp\E_4\shell.fne
          Filesize

          22KB

          MD5

          c5e1b450d6afe2097a0562cc123ffe2e

          SHA1

          de52aa15a3f56bef4ab6051b6daacebc1674fb80

          SHA256

          920e7ba83603524b1def651753ee2f5c124314eb522166586e9e99fc477283d5

          SHA512

          d581fefff97aa77142bb998c7be3b05cfd7327ece515008e709b2f12849f6f663a298fbf7fdb469dfbf785f05c2d1c9bc7758b2ffce84152d4ef9e416779cc2e

          Download Submit

        • memory/1372-67-0x0000000003360000-0x000000000339B000-memory.dmp

          Filesize

          236KB

          Download

        • memory/1372-57-0x0000000076041000-0x0000000076043000-memory.dmp

          Filesize

          8KB

          Download

        • memory/1372-61-0x0000000003130000-0x0000000003173000-memory.dmp

          Filesize

          268KB

          Download

        • memory/1372-54-0x0000000000400000-0x0000000000489000-memory.dmp

          Filesize

          548KB

          Download

        • memory/1372-58-0x0000000010000000-0x000000001017F000-memory.dmp

          Filesize

          1.5MB

          Download

        • memory/1372-70-0x00000000034A0000-0x00000000034D4000-memory.dmp

          Filesize

          208KB

          Download

        • memory/1372-72-0x0000000010000000-0x000000001017F000-memory.dmp

          Filesize

          1.5MB

          Download

        • memory/1372-64-0x0000000003300000-0x000000000335F000-memory.dmp

          Filesize

          380KB

          Download

        • memory/1372-74-0x00000000036C0000-0x00000000036FF000-memory.dmp

          Filesize

          252KB

          Download

        • memory/1372-76-0x0000000000400000-0x0000000000489000-memory.dmp

          Filesize

          548KB

          Download

        • memory/1372-77-0x0000000000330000-0x000000000038A000-memory.dmp

          Filesize

          360KB

          Download

        • memory/1372-78-0x0000000010000000-0x000000001017F000-memory.dmp

          Filesize

          1.5MB

          Download

        • memory/1372-55-0x0000000000330000-0x000000000038A000-memory.dmp

          Filesize

          360KB

          Download

        • memory/1372-80-0x0000000003550000-0x000000000356C000-memory.dmp

          Filesize

          112KB

          Download

        • memory/1372-81-0x0000000003550000-0x000000000356C000-memory.dmp

          Filesize

          112KB

          Download