Overview

overview

7

Static

static

7

8a2d414668...bc.exe

windows7-x64

7

8a2d414668...bc.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    136s
  • max time network
    140s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220812-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system
  • submitted
    14-02-2023 04:29

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    8a2d414668c2ee736153ffb66d0fa02f2db12498e8af4d80ecfdbeeccc56c0bc.exe

  • Size

    1019KB

  • MD5

    944db956216499b77d6fa7f93768a0c9

  • SHA1

    a03535958ed6c6d333de90adcd6cccd8002c1bc7

  • SHA256

    8a2d414668c2ee736153ffb66d0fa02f2db12498e8af4d80ecfdbeeccc56c0bc

  • SHA512

    ca45d6411c1f5bbb49de8cb0a335d22bc9876194433d8182487239a7402a83f27887cf105f2c8075aab627295834fa9245b3189f6a02b6f1947e126443b0874a

  • SSDEEP

    24576:TR1ZdgHCL7nV2IQYQyK2XL4qg7yZVDqPsyWa+XNB:TR1ZdgHDyrX8qlql+XNB

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 7 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 64 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\8a2d414668c2ee736153ffb66d0fa02f2db12498e8af4d80ecfdbeeccc56c0bc.exe
    "C:\Users\Admin\AppData\Local\Temp\8a2d414668c2ee736153ffb66d0fa02f2db12498e8af4d80ecfdbeeccc56c0bc.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:5000

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\E_60003\iext.fnr
    Filesize

    196KB

    MD5

    293929d2b976c3e8b2c832b1eaf4d46f

    SHA1

    2a1c54f5b5205919b90acb4de6a1f27343017436

    SHA256

    a8ec0f71e53f8a2f9a15a2fb8995121700e11c4f65e77af2a83aef3602580b2e

    SHA512

    53565f829028598731ea5bbc6f45cf4ea3147b5e339bd0f101b04104ff6c608e2fee1f5ee4dfb0e2447f3e4f5616e5fcff6b6dac157e8655829db5bd3d753af7

    Download Submit
  • C:\Users\Admin\AppData\Local\Temp\E_60003\iext.fnr
    Filesize

    196KB

    MD5

    293929d2b976c3e8b2c832b1eaf4d46f

    SHA1

    2a1c54f5b5205919b90acb4de6a1f27343017436

    SHA256

    a8ec0f71e53f8a2f9a15a2fb8995121700e11c4f65e77af2a83aef3602580b2e

    SHA512

    53565f829028598731ea5bbc6f45cf4ea3147b5e339bd0f101b04104ff6c608e2fee1f5ee4dfb0e2447f3e4f5616e5fcff6b6dac157e8655829db5bd3d753af7

    Download Submit
  • C:\Users\Admin\AppData\Local\Temp\E_60003\iext2.fne
    Filesize

    248KB

    MD5

    54ab5f769f951249623bc2140b9039d8

    SHA1

    8c8b1e1b116dc8ec40c6d1277bf5a68120078cc4

    SHA256

    2c4a13a9fb34eede3fbc9455c7a364e06f47abdcbf240b5c8df88ea90fe30095

    SHA512

    273a039a752b3bb5f0600314d991207e0779945273477aacdaa366612a0c54e69209d7895f3b83292d20c3e5cd17e3d79872161300810106852920a94a67d784

    Download Submit
  • C:\Users\Admin\AppData\Local\Temp\E_60003\iext2.fne
    Filesize

    248KB

    MD5

    54ab5f769f951249623bc2140b9039d8

    SHA1

    8c8b1e1b116dc8ec40c6d1277bf5a68120078cc4

    SHA256

    2c4a13a9fb34eede3fbc9455c7a364e06f47abdcbf240b5c8df88ea90fe30095

    SHA512

    273a039a752b3bb5f0600314d991207e0779945273477aacdaa366612a0c54e69209d7895f3b83292d20c3e5cd17e3d79872161300810106852920a94a67d784

    Download Submit
  • C:\Users\Admin\AppData\Local\Temp\E_60003\krnln.fnr
    Filesize

    996KB

    MD5

    ddaf7a94619cbeaac4e0c04dbf9bce99

    SHA1

    ff142c73c0237ce29ff594cb6c287e5d210370b5

    SHA256

    fb6522d23bdb2eb2a48b5ee6d3cdfba2d1dda848922ad99dc939d718a3ab383c

    SHA512

    730268e14454f0a778db85056ae383416ea337b962aac812c6761dbe3ca0e20176c2fc1c02585bd3843cff3779b8160a92e66c773b6febd6f5165c400f89cbce

    Download Submit
  • C:\Users\Admin\AppData\Local\Temp\E_60003\xplib.fne
    Filesize

    40KB

    MD5

    1f9c82ece3c8f3bb23fe73538ffc57ef

    SHA1

    8b709ed09aeb296f1aa21d8a58c5086301e5853e

    SHA256

    02e71c2980dff2c5e6f737cca330d5abaf564f4a4f20ae48c03230eeb6ca8ec2

    SHA512

    9d682940ecc60aaacaac93d2f0333dc15c718014c2797821a6a6ce3090554fc6cb63aa56698c03f0850a71f139c68a3e42929bc5048a432ff5c11d24bd1f902d

    Download Submit
  • C:\Users\Admin\AppData\Local\Temp\E_60003\xplib.fne
    Filesize

    40KB

    MD5

    1f9c82ece3c8f3bb23fe73538ffc57ef

    SHA1

    8b709ed09aeb296f1aa21d8a58c5086301e5853e

    SHA256

    02e71c2980dff2c5e6f737cca330d5abaf564f4a4f20ae48c03230eeb6ca8ec2

    SHA512

    9d682940ecc60aaacaac93d2f0333dc15c718014c2797821a6a6ce3090554fc6cb63aa56698c03f0850a71f139c68a3e42929bc5048a432ff5c11d24bd1f902d

    Download Submit
  • memory/5000-133-0x0000000000400000-0x00000000004AD000-memory.dmp
    Filesize

    692KB

    Download
  • memory/5000-136-0x0000000002390000-0x00000000023CF000-memory.dmp
    Filesize

    252KB

    Download
  • memory/5000-140-0x00000000023D0000-0x00000000023DB000-memory.dmp
    Filesize

    44KB

    Download
  • memory/5000-143-0x0000000002430000-0x000000000247E000-memory.dmp
    Filesize

    312KB

    Download
  • memory/5000-145-0x0000000000400000-0x00000000004AD000-memory.dmp
    Filesize

    692KB

    Download