Overview

overview

1

Static

static

11c38623bd...b8.exe

windows7-x64

1

11c38623bd...b8.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    90s
  • max time network
    112s
  • platform
    windows7_x64
  • resource
    win7-20220812-en
  • resource tags

    arch:x64arch:x86image:win7-20220812-enlocale:en-usos:windows7-x64system
  • submitted
    05/12/2022, 08:52

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    11c38623bdd56ba125fee0a5938289e5e55c4e3611de0aeafdcfe92778b62db8.exe

  • Size

    14.0MB

  • MD5

    5e8fdbbfab408d7bce887eb29718d50c

  • SHA1

    d669d93a328777919f952f47d2d92f1b0b34a6c0

  • SHA256

    11c38623bdd56ba125fee0a5938289e5e55c4e3611de0aeafdcfe92778b62db8

  • SHA512

    de3714c808967a842dc83fbc6294b29503ea9bea883aca190fdc89a177e8f6fa6c47201f740fe150351d773fde15b6abdf6721f8bea2ee5bb5ae59f1424e1cf1

  • SSDEEP

    196608:wPXLDRRE4D4wyXjdfPldwy6GQ+ZidSHyDXztNZmIZFU8Ab4Mlh7:wvLNRE4DpyX9zFQCNWXzvZmc7AbpT

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: EnumeratesProcesses 3 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\11c38623bdd56ba125fee0a5938289e5e55c4e3611de0aeafdcfe92778b62db8.exe
    "C:\Users\Admin\AppData\Local\Temp\11c38623bdd56ba125fee0a5938289e5e55c4e3611de0aeafdcfe92778b62db8.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:1492

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/1492-54-0x0000000075921000-0x0000000075923000-memory.dmp

    Filesize

    8KB

    Download

  • memory/1492-55-0x0000000000400000-0x0000000000AAC000-memory.dmp

    Filesize

    6.7MB

    Download

  • memory/1492-56-0x0000000000400000-0x0000000000AAC000-memory.dmp

    Filesize

    6.7MB

    Download