2224e40fda8dc5900c484a8335830b0eb0eaaace9616ee690f71928dbda29fcd

Analysis

max time kernel
58s
max time network
39s
platform
windows7_x64
resource
win7-20230220-en
resource tags

arch:x64arch:x86image:win7-20230220-enlocale:en-usos:windows7-x64system
submitted
21-02-2023 19:14

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

2224e40fda8dc5900c484a8335830b0eb0eaaace9616ee690f71928dbda29fcd.exe
Size

4.3MB
MD5

00395d9693862a6cdcd769e6bd540fe1
SHA1

12908b1fb11aed1657a437c1efd1ce7c0cc2d133
SHA256

2224e40fda8dc5900c484a8335830b0eb0eaaace9616ee690f71928dbda29fcd
SHA512

c7a7549ea4b4eaddc7347015c6a883d5782065fd1cf178acd8710840242a057bba3f2ae70e4bb2ab13cac7f83bd15cc0b4d2bb970e5c1d754b03fcb6a6cef9cc
SSDEEP

98304:8WVsS8RhweqqfUk706hgU7HfOuYXevnC87emSlmVQ3Bcl/A:8WVsS8df/7bXHfORXInXedqI

Score

1^/10

Malware Config

Signatures

Suspicious use of SetWindowsHookEx 3 IoCs

Processes:

2224e40fda8dc5900c484a8335830b0eb0eaaace9616ee690f71928dbda29fcd.exe

pid	process
816	2224e40fda8dc5900c484a8335830b0eb0eaaace9616ee690f71928dbda29fcd.exe
816	2224e40fda8dc5900c484a8335830b0eb0eaaace9616ee690f71928dbda29fcd.exe
816	2224e40fda8dc5900c484a8335830b0eb0eaaace9616ee690f71928dbda29fcd.exe

C:\Users\Admin\AppData\Local\Temp\2224e40fda8dc5900c484a8335830b0eb0eaaace9616ee690f71928dbda29fcd.exe
"C:\Users\Admin\AppData\Local\Temp\2224e40fda8dc5900c484a8335830b0eb0eaaace9616ee690f71928dbda29fcd.exe"
1⤵
- Suspicious use of SetWindowsHookEx
PID:816

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Temp\config.ini
Filesize
71B

MD5
808d5f6b23e4875401edaee3299a1c91

SHA1
81e8cb661476dc24702829634cfe5fc15b3d26f7

SHA256
0c9461ab0c7a55cd42c89245dec1549110b207b7621934b59223c87bb8bb07dd

SHA512
9fff19d552ca4966eac6445f7d8bbdfc1e36e4d49b29e1b80cae5ef513910a13694f0f5e8b37ff82e78dc7419fa804c326c87577e473a87bc4ffc728e9c0defb

Download Submit
memory/816-58-0x0000000000400000-0x00000000010FA000-memory.dmp

Filesize
13.0MB

Download
memory/816-59-0x0000000002C10000-0x0000000002D50000-memory.dmp

Filesize
1.2MB

Download
memory/816-63-0x0000000002C10000-0x0000000002D50000-memory.dmp

Filesize
1.2MB

Download
memory/816-54-0x0000000000400000-0x00000000010FA000-memory.dmp

Filesize
13.0MB

Download
memory/816-64-0x0000000002C10000-0x0000000002D50000-memory.dmp

Filesize
1.2MB

Download
memory/816-60-0x0000000002C10000-0x0000000002D50000-memory.dmp

Filesize
1.2MB

Download
memory/816-61-0x0000000002C10000-0x0000000002D50000-memory.dmp

Filesize
1.2MB

Download
memory/816-65-0x0000000000400000-0x00000000010FA000-memory.dmp

Filesize
13.0MB

Download
memory/816-57-0x0000000000400000-0x00000000010FA000-memory.dmp

Filesize
13.0MB

Download
memory/816-56-0x0000000000400000-0x00000000010FA000-memory.dmp

Filesize
13.0MB

Download
memory/816-62-0x0000000002C10000-0x0000000002D50000-memory.dmp

Filesize
1.2MB

Download
memory/816-55-0x0000000000400000-0x00000000010FA000-memory.dmp

Filesize
13.0MB

Download
memory/816-102-0x00000000001C0000-0x00000000001C1000-memory.dmp

Filesize
4KB

Download
memory/816-103-0x0000000000400000-0x00000000010FA000-memory.dmp

Filesize
13.0MB

Download
memory/816-107-0x0000000000400000-0x00000000010FA000-memory.dmp

Filesize
13.0MB

Download
memory/816-110-0x0000000000400000-0x00000000010FA000-memory.dmp

Filesize
13.0MB

Download
memory/816-111-0x0000000000400000-0x00000000010FA000-memory.dmp

Filesize
13.0MB

Download