Overview

overview

7

Static

static

1c3157dad5...ba.exe

windows7-x64

7

1c3157dad5...ba.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    39s
  • max time network
    45s
  • platform
    windows7_x64
  • resource
    win7-20220812-en
  • resource tags

    arch:x64arch:x86image:win7-20220812-enlocale:en-usos:windows7-x64system
  • submitted
    06/12/2022, 14:08

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    1c3157dad577805b2161191bc7ad4fce1008b356f984e8b46f0ba890126b99ba.exe

  • Size

    598KB

  • MD5

    b0d4c2f73ad89af8a48b2b6e40c1f7a0

  • SHA1

    8a86b6e9fd19bfee366dc58f5c7e3a60a801caf8

  • SHA256

    1c3157dad577805b2161191bc7ad4fce1008b356f984e8b46f0ba890126b99ba

  • SHA512

    978f59f61b21467ed2ee7384dec41665598f518ec4daed105673f93ba39cd5007a22a0a0aecfcd5504afc3e1d1a0d22c83b24518b4d36d91d3a53aaebc58eafd

  • SSDEEP

    12288:H1vF2cGdBkGU/r/0KgmZkp6B90vGkDFKCwUPlaw5H6:H72/disKgkb0vfDF5Va/

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SendNotifyMessage 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\1c3157dad577805b2161191bc7ad4fce1008b356f984e8b46f0ba890126b99ba.exe
    "C:\Users\Admin\AppData\Local\Temp\1c3157dad577805b2161191bc7ad4fce1008b356f984e8b46f0ba890126b99ba.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    PID:1508

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • \Users\Admin\AppData\Local\Temp\NBHelp.dll
          Filesize

          62KB

          MD5

          560aa0da3707d8237a5c53a5ac7ceef6

          SHA1

          84837e3c83f3a02b77a34d8bce7e2378e3c248af

          SHA256

          2287fea889634f8e411d389fd2094a5b613535c5c225a345822341f929c76120

          SHA512

          91edb44180f473e0266aaeee8a207681f6435e184f8fcea48475c8a73a6ea297e306fb0e674c02271c461b94c56f68749ebcfb9a3819a7e0c041e1591d43dce9

          Download Submit

        • memory/1508-54-0x0000000075451000-0x0000000075453000-memory.dmp

          Filesize

          8KB

          Download

        • memory/1508-56-0x00000000004A0000-0x00000000004B5000-memory.dmp

          Filesize

          84KB

          Download