Overview

overview

7

Static

static

f4601d50d2...f4.exe

windows7-x64

7

f4601d50d2...f4.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    148s
  • max time network
    155s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220812-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system
  • submitted
    06/12/2022, 12:53

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    f4601d50d2ac6d9bca87c16d7a785e3446e84fef801949e2c01ca73d5a61f3f4.exe

  • Size

    1.6MB

  • MD5

    04e24a33d3263112025f6242fa08343c

  • SHA1

    0c8bc016b7b2f9b24e782372263cab879988be54

  • SHA256

    f4601d50d2ac6d9bca87c16d7a785e3446e84fef801949e2c01ca73d5a61f3f4

  • SHA512

    10913d944573b7ce926a0de7ab7f0dd674a9f46735152cfaf9ac9b37df44e7017c6c4618259a1c0ffc999519e2d68a9710f6e153ac165f7d56e6083455897a19

  • SSDEEP

    49152:XhiaQ8b/cTmGcKj5sWav0FF+3SjPKtoh/aK:w8b/cCBKj5B00gSrKta1

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 11 IoCs
  • Suspicious use of SetWindowsHookEx 24 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\f4601d50d2ac6d9bca87c16d7a785e3446e84fef801949e2c01ca73d5a61f3f4.exe
    "C:\Users\Admin\AppData\Local\Temp\f4601d50d2ac6d9bca87c16d7a785e3446e84fef801949e2c01ca73d5a61f3f4.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of SetWindowsHookEx
    PID:2556

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\Local\Temp\E_N4\HtmlView.fne
          Filesize

          212KB

          MD5

          4c9e8f81bf741a61915d0d4fc49d595e

          SHA1

          d033008b3a0e5d3fc8876e0423ee5509ecb3897c

          SHA256

          951d725f4a12cd4ff713ca147fa3be08a02367db6731283c3f1ba30445990129

          SHA512

          cf2c6f8f471c8a5aad563bc257035515860689b73ce343599c7713de8bc8338a031a722f366e005bc1907d6fc97b68b8b415e8ff05b7324fb1040c5dc02315d7

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\E_N4\HtmlView.fne
          Filesize

          212KB

          MD5

          4c9e8f81bf741a61915d0d4fc49d595e

          SHA1

          d033008b3a0e5d3fc8876e0423ee5509ecb3897c

          SHA256

          951d725f4a12cd4ff713ca147fa3be08a02367db6731283c3f1ba30445990129

          SHA512

          cf2c6f8f471c8a5aad563bc257035515860689b73ce343599c7713de8bc8338a031a722f366e005bc1907d6fc97b68b8b415e8ff05b7324fb1040c5dc02315d7

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\E_N4\iext2.fne
          Filesize

          460KB

          MD5

          6eb20bb6cafd6d31e871ed3abd65a59c

          SHA1

          ae6495ea4241bcde20e415f2940313785a4a10d2

          SHA256

          2b3fe250f07229eaa58d1bc0c4ac103ba69ad622c27410151ce1d6d46a174bae

          SHA512

          562edc1f058bc280333a6659fceb5a51b3a40bea7aca87db09b0cc1ca1966f26f2a7e4760b944e2502e20257544f85cf9c32f583f1dec06271a35dcfb8fa90f4

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\E_N4\iext2.fne
          Filesize

          460KB

          MD5

          6eb20bb6cafd6d31e871ed3abd65a59c

          SHA1

          ae6495ea4241bcde20e415f2940313785a4a10d2

          SHA256

          2b3fe250f07229eaa58d1bc0c4ac103ba69ad622c27410151ce1d6d46a174bae

          SHA512

          562edc1f058bc280333a6659fceb5a51b3a40bea7aca87db09b0cc1ca1966f26f2a7e4760b944e2502e20257544f85cf9c32f583f1dec06271a35dcfb8fa90f4

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\E_N4\internet.fne
          Filesize

          192KB

          MD5

          0503d44bada9a0c7138b3f7d3ab90693

          SHA1

          c4ea03151eeedd1c84beaa06e73faa9c1e9574fc

          SHA256

          7c077b6806738e62a9c2e38cc2ffefefd362049e3780b06a862210f1350d003e

          SHA512

          f14dfa273b514753312e1dfc873ac501d6aa7bbd17cd63d16f3bcb9caddcb5ea349c072e73448a2beb3b1010c674be9c8ad22257d8c7b65a3a05e77e69d3b7a8

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\E_N4\internet.fne
          Filesize

          192KB

          MD5

          0503d44bada9a0c7138b3f7d3ab90693

          SHA1

          c4ea03151eeedd1c84beaa06e73faa9c1e9574fc

          SHA256

          7c077b6806738e62a9c2e38cc2ffefefd362049e3780b06a862210f1350d003e

          SHA512

          f14dfa273b514753312e1dfc873ac501d6aa7bbd17cd63d16f3bcb9caddcb5ea349c072e73448a2beb3b1010c674be9c8ad22257d8c7b65a3a05e77e69d3b7a8

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\E_N4\krnln.fnr
          Filesize

          1.1MB

          MD5

          638e737b2293cf7b1f14c0b4fb1f3289

          SHA1

          f8e2223348433b992a8c42c4a7a9fb4b5c1158bc

          SHA256

          baad4798c3ab24dec8f0ac3cde48e2fee2e2dffa60d2b2497cd295cd6319fd5b

          SHA512

          4d714a0980238c49af10376ff26ec9e6415e7057925b32ec1c24780c3671047ac5b5670e46c1c6cf9f160519be8f37e1e57f05c30c6c4bda3b275b143aa0bf12

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\E_N4\script.fne
          Filesize

          152KB

          MD5

          4c36a56c52e92543c1553b5f6fdc6c29

          SHA1

          367af6b36e4017269833da2afae1e235de2a5f81

          SHA256

          f431015f2f4d04f44e21ae582c9d416718df3b24768f69b91e299bd47aae5258

          SHA512

          ad59057be70fc4f4e7320e60ce72993330c668964630918d5fc85cd008abbeb73c4ecc55be9f8c27ff6403d3826db85e4adbc94cfb665f302eba2624037b01ba

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\E_N4\script.fne
          Filesize

          152KB

          MD5

          4c36a56c52e92543c1553b5f6fdc6c29

          SHA1

          367af6b36e4017269833da2afae1e235de2a5f81

          SHA256

          f431015f2f4d04f44e21ae582c9d416718df3b24768f69b91e299bd47aae5258

          SHA512

          ad59057be70fc4f4e7320e60ce72993330c668964630918d5fc85cd008abbeb73c4ecc55be9f8c27ff6403d3826db85e4adbc94cfb665f302eba2624037b01ba

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\E_N4\xplib.fne
          Filesize

          48KB

          MD5

          37a58e1c5ce48e401ee8dd1d1da54814

          SHA1

          a87d00d78838c2d968b72330ee6f21f69b2caae5

          SHA256

          1c426928fb90bedb31fcffa0f3fbe7bdbca4259f93f5abdefed6a9a089f2982c

          SHA512

          e85052fc305040bdcaf47262e0ce6eef0848b319baac72a076dc94e7d20ea7ad8fbdd7d5381606a3154ab84fe81429bb339123ac1cd94551b1dc9cecfb7a08bf

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\E_N4\xplib.fne
          Filesize

          48KB

          MD5

          37a58e1c5ce48e401ee8dd1d1da54814

          SHA1

          a87d00d78838c2d968b72330ee6f21f69b2caae5

          SHA256

          1c426928fb90bedb31fcffa0f3fbe7bdbca4259f93f5abdefed6a9a089f2982c

          SHA512

          e85052fc305040bdcaf47262e0ce6eef0848b319baac72a076dc94e7d20ea7ad8fbdd7d5381606a3154ab84fe81429bb339123ac1cd94551b1dc9cecfb7a08bf

          Download Submit

        • memory/2556-145-0x0000000002530000-0x0000000002568000-memory.dmp

          Filesize

          224KB

          Download

        • memory/2556-132-0x0000000000400000-0x000000000043B000-memory.dmp

          Filesize

          236KB

          Download

        • memory/2556-141-0x00000000026C0000-0x0000000002743000-memory.dmp

          Filesize

          524KB

          Download

        • memory/2556-149-0x00000000025A0000-0x00000000025AD000-memory.dmp

          Filesize

          52KB

          Download

        • memory/2556-138-0x0000000000400000-0x000000000043B000-memory.dmp

          Filesize

          236KB

          Download

        • memory/2556-136-0x0000000002360000-0x0000000002389000-memory.dmp

          Filesize

          164KB

          Download

        • memory/2556-152-0x00000000039A0000-0x00000000039DF000-memory.dmp

          Filesize

          252KB

          Download