Analysis

  • max time kernel
    144s
  • max time network
    149s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20221111-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20221111-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    17/12/2022, 19:49

General

  • Target

    06bf1f047184033f5c7e9a205ca9bf4823c0869189cbd42a479d75e4e00b2237.exe

  • Size

    4.8MB

  • MD5

    48c3ffabb706b466900e19dfb7348d9b

  • SHA1

    d1756fc7f1e63658c6599a3a6dfaa8f09b8846c3

  • SHA256

    06bf1f047184033f5c7e9a205ca9bf4823c0869189cbd42a479d75e4e00b2237

  • SHA512

    1ba1f48511f24f642756ca675b28d3183de6a7af9471ea2bbb5c57962d37a8d97522fcc83f268e01ac4dd5ffdb32a84a23e764f60e9db57abe1f74d8f4eff82c

  • SSDEEP

    49152:40r1HSxpUsulh7leKbA8KHrHTFzU3N+0WypKH+x+s8KuqGaX0ToIBAUZLYMS:l2S9lhpeJrhMWXBJBAUZLm

Score
6/10

Malware Config

Signatures

  • Drops desktop.ini file(s) 1 IoCs
  • Suspicious use of FindShellTrayWindow 6 IoCs
  • Suspicious use of SendNotifyMessage 5 IoCs
  • Suspicious use of SetWindowsHookEx 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\06bf1f047184033f5c7e9a205ca9bf4823c0869189cbd42a479d75e4e00b2237.exe
    "C:\Users\Admin\AppData\Local\Temp\06bf1f047184033f5c7e9a205ca9bf4823c0869189cbd42a479d75e4e00b2237.exe"
    • Drops desktop.ini file(s)
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of SetWindowsHookEx
    PID:3612

Network

MITRE ATT&CK Matrix

Downloads

  • memory/3612-132-0x0000000010000000-0x0000000010075000-memory.dmp

    Filesize

    468KB

  • memory/3612-133-0x0000000010000000-0x0000000010075000-memory.dmp

    Filesize

    468KB

  • memory/3612-135-0x0000000010000000-0x0000000010075000-memory.dmp

    Filesize

    468KB

  • memory/3612-136-0x0000000010000000-0x0000000010075000-memory.dmp

    Filesize

    468KB