Overview

overview

7

Static

static

d22dfc15bb...ac.exe

windows7-x64

7

d22dfc15bb...ac.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    112s
  • max time network
    105s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220901-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20220901-enlocale:en-usos:windows10-2004-x64system
  • submitted
    19/12/2022, 19:29

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    d22dfc15bbe470ac425a2108aa7e6dc078512cfd921d6ca8705def93b5727fac.exe

  • Size

    1.5MB

  • MD5

    da80c105a045694275792834aceef422

  • SHA1

    c280a0fc21902ab7aabd029adf775aca18a0b85d

  • SHA256

    d22dfc15bbe470ac425a2108aa7e6dc078512cfd921d6ca8705def93b5727fac

  • SHA512

    1352a584ff1a8d3c87c0d7d6a51b37c7a9a37f6f0ccb5b4bf59f081b14db65407c465ba19c9a14c0837ff6bc26a86ecfebd0834a2cf5df010bfb098cf5c1d5d9

  • SSDEEP

    24576:dhWj/nxWM5ti12tPcblN78p0Ng2NcaghwxhKh6FWsi+ScWWO5m:dhWDB81ePmm0fcaKbmx

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 5 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 31 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\d22dfc15bbe470ac425a2108aa7e6dc078512cfd921d6ca8705def93b5727fac.exe
    "C:\Users\Admin\AppData\Local\Temp\d22dfc15bbe470ac425a2108aa7e6dc078512cfd921d6ca8705def93b5727fac.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:4912

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\Local\Temp\E_N50005\edroptarget.fne
          Filesize

          156KB

          MD5

          ca77aec89bd2f81bbef77ff26b88148a

          SHA1

          27e8eb70f218d5d085344fce21653dc31e0dda29

          SHA256

          1eaf42e6c734eb332f0edf7d3cf7c408f72b3267ae5408675d3604a6b23319d2

          SHA512

          985592f5a0c5916b1dc83079f17abb0fb4fb20aeb8b9a9d6ffd1b196eeda45d5d2393654cee3e6c1405d431f2fd55403ce734d75a948fdc56fea2d67217067cf

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\E_N50005\edroptarget.fne
          Filesize

          156KB

          MD5

          ca77aec89bd2f81bbef77ff26b88148a

          SHA1

          27e8eb70f218d5d085344fce21653dc31e0dda29

          SHA256

          1eaf42e6c734eb332f0edf7d3cf7c408f72b3267ae5408675d3604a6b23319d2

          SHA512

          985592f5a0c5916b1dc83079f17abb0fb4fb20aeb8b9a9d6ffd1b196eeda45d5d2393654cee3e6c1405d431f2fd55403ce734d75a948fdc56fea2d67217067cf

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\E_N50005\iext.fnr
          Filesize

          204KB

          MD5

          856495a1605bfc7f62086d482b502c6f

          SHA1

          86ecc67a784bc69157d664850d489aab64f5f912

          SHA256

          8c8254cb49f7287b97c7f952c81edabc9f11f3fa3f02f265e67d5741998cf0bf

          SHA512

          35a6e580cd362c64f1e1f9c3439660bd980ec437bd8cabbdc49479ceb833cd8cb6c82d2fb747516d5cfcf2af0ba540bc01640171fbe3b4d0e0a3eeeaa69dd1d9

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\E_N50005\iext.fnr
          Filesize

          204KB

          MD5

          856495a1605bfc7f62086d482b502c6f

          SHA1

          86ecc67a784bc69157d664850d489aab64f5f912

          SHA256

          8c8254cb49f7287b97c7f952c81edabc9f11f3fa3f02f265e67d5741998cf0bf

          SHA512

          35a6e580cd362c64f1e1f9c3439660bd980ec437bd8cabbdc49479ceb833cd8cb6c82d2fb747516d5cfcf2af0ba540bc01640171fbe3b4d0e0a3eeeaa69dd1d9

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\E_N50005\krnln.fnr
          Filesize

          1.2MB

          MD5

          27624b70558e32a98698fda958cdee8d

          SHA1

          b966e5b0adfe9b72e2f1bd331a0790c5f25adcbf

          SHA256

          bdddba33b7e7e69e3e492c714f0e16c3246abd58c4b04d00b0ed34a3cc159eef

          SHA512

          f29a9dc65240c52896bbf805d1b09328996673d01c7c85a8d1e99636ae1d09c77a448d15153737f838d539adbf3d6eb8a55e0b3c044c0739b12270ff0be32c97

          Download Submit

        • memory/4912-135-0x0000000002310000-0x000000000233A000-memory.dmp

          Filesize

          168KB

          Download

        • memory/4912-137-0x0000000000400000-0x0000000000477000-memory.dmp

          Filesize

          476KB

          Download

        • memory/4912-140-0x0000000002650000-0x0000000002691000-memory.dmp

          Filesize

          260KB

          Download