Analysis

  • max time kernel
    90s
  • max time network
    131s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220901-en
  • resource tags

    arch:x64 arch:x86 image:win10v2004-20220901-en locale:en-us os:windows10-2004-x64 system
  • submitted
    13/01/2023, 20:23

General

  • Target

    afca555b69774b0dfe5ef9ad55ffe81f564837095a6106cafbd3a035e6fb5a7a.exe

  • Size

    636KB

  • MD5

    245d7973c1e040f93c22780269b40597

  • SHA1

    3d2464bf2d2746cb264a44883362aa820948d78a

  • SHA256

    afca555b69774b0dfe5ef9ad55ffe81f564837095a6106cafbd3a035e6fb5a7a

  • SHA512

    f53ae11ac2f2760d6cc832f69537b303b4d940d144f2e5c2b2629690a0eec3eb764eada144d77923d3da838f9021077ff8cea0162ab111db66eb484a5cc7b984

  • SSDEEP

    12288:5h5sbta2K+hAepnuc20kSklfL1UKL0Tb+JNCPFc7Fg8iOMB02n9fII:5hcrAEuVSkT6TmNUc7STOe1

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 1 IoCs
  • Suspicious use of SetWindowsHookEx 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\afca555b69774b0dfe5ef9ad55ffe81f564837095a6106cafbd3a035e6fb5a7a.exe
    "C:\Users\Admin\AppData\Local\Temp\afca555b69774b0dfe5ef9ad55ffe81f564837095a6106cafbd3a035e6fb5a7a.exe"
    • Loads dropped DLL
    • Suspicious use of SetWindowsHookEx
    PID:4412

Network

        MITRE ATT&CK Matrix

        Downloads

        • C:\Users\Admin\AppData\Local\Temp\E_N30005\krnln.fnr

          Filesize

          1.2MB

          MD5

          81c22cc42c6bcda834ecbc5eadaa35fd

          SHA1

          18d75f87b15497e786e34656721057a66bf3e834

          SHA256

          3e6241fc94443e8e2c6b2ec2298be385786079f0c8c3503c72b827796233e585

          SHA512

          4fe7dd4713fad03ac6583bc12c188b529334b596ac9eb61dccf5c8cdcbbefc758fb119cf730f1eb1fccd23c6a251ec0c1714d074434b75c23fcd828610df373a

        • memory/4412-133-0x0000000000400000-0x000000000040B000-memory.dmp

          Filesize

          44KB