Analysis

  • max time kernel
    204s
  • max time network
    251s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20221111-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20221111-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    05/12/2022, 19:23

General

  • Target

    47ba81cca488d64063d332a72c170edc4bd02dc2de15ee38e7e481aa969263e5.exe

  • Size

    160KB

  • MD5

    04ee72b4dd0cacc10beb746cc3949930

  • SHA1

    5ffcde37b009fdb6381feb96c4142e0502453748

  • SHA256

    47ba81cca488d64063d332a72c170edc4bd02dc2de15ee38e7e481aa969263e5

  • SHA512

    51c1706d74ed6734af37030c040916f6067ea3cb9ae3e0820e5215bbb8fff7608c2756bd0227070a0ee1acbe36c35526ebe1b58ae1ff2cc964c8a0b5f92e0448

  • SSDEEP

    1536:3+gDbKlmyJKz5jR7766dxocisPfDsCUjhe+SPBp9oEoTTLgY++++1sY+++++ZDdM:3xbkuVbvLn7Uj3

Score
3/10

Malware Config

Signatures

  • Program crash 1 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\47ba81cca488d64063d332a72c170edc4bd02dc2de15ee38e7e481aa969263e5.exe
    "C:\Users\Admin\AppData\Local\Temp\47ba81cca488d64063d332a72c170edc4bd02dc2de15ee38e7e481aa969263e5.exe"
    1⤵
    • Suspicious use of SetWindowsHookEx
    PID:3920
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -u -p 3920 -s 468
      2⤵
      • Program crash
      PID:3512
  • C:\Windows\SysWOW64\WerFault.exe
    C:\Windows\SysWOW64\WerFault.exe -pss -s 408 -p 3920 -ip 3920
    1⤵
      PID:3736

    Network

    MITRE ATT&CK Matrix
