e5b13427e4b32697363139c741aae505aea4029f16d500d4b93cfddcd4e4c05e

Resubmissions

22-02-2023 10:59

230222-m3twlsba32 1

21-02-2023 17:57

230221-wjyvwsfg66 10

Analysis

max time kernel
128s
max time network
31s
platform
windows7_x64
resource
win7-20230220-en
resource tags

arch:x64arch:x86image:win7-20230220-enlocale:en-usos:windows7-x64system
submitted
22-02-2023 10:59

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

winrar-x64-621d.exe
Size

3.6MB
MD5

2ea8bf1895df09f82a4c2aea3c3db68b
SHA1

29edf8f6f379a0bb91ebf8aedc82709a8e7ad91f
SHA256

e5b13427e4b32697363139c741aae505aea4029f16d500d4b93cfddcd4e4c05e
SHA512

34b985f193166c27e8f9e947184d35c7814f7f0a7b5e2e83e8706bab204817882ed450ea5619ad5036bfa0638a518bb23dd301a8885d8690d7781a84d69f2ba2
SSDEEP

98304:eXBOBfKZt4UEAHiCf8zCgsUhG3qZocPI3c:eX/Zt4bWf5EG3q1V

Score

1^/10

Malware Config

Signatures

Modifies Internet Explorer settings 1 TTPs 1 IoCs

adware spyware

Modify Registry

T1112

Processes:

winrar-x64-621d.exe

description	ioc	process
Key created	\REGISTRY\USER\S-1-5-21-1563773381-2037468142-1146002597-1000\Software\Microsoft\Internet Explorer\Main	winrar-x64-621d.exe

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

Processes:

winrar-x64-621d.exe

pid process

1552 winrar-x64-621d.exe
Suspicious use of SetWindowsHookEx 2 IoCs

Processes:

winrar-x64-621d.exe

pid process

1552 winrar-x64-621d.exe
1552 winrar-x64-621d.exe

pid	process
1552	winrar-x64-621d.exe

pid	process
1552	winrar-x64-621d.exe
1552	winrar-x64-621d.exe

C:\Users\Admin\AppData\Local\Temp\winrar-x64-621d.exe
"C:\Users\Admin\AppData\Local\Temp\winrar-x64-621d.exe"
1⤵
- Modifies Internet Explorer settings
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:1552

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resubmissions

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix ATT&CK v6

Replay Monitor

Loading Replay Monitor...

Downloads