Overview

overview

7

Static

static

7

215b6b08da...2c.exe

windows7-x64

1

215b6b08da...2c.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    141s
  • max time network
    30s
  • platform
    windows7_x64
  • resource
    win7-20230220-en
  • resource tags

    arch:x64arch:x86image:win7-20230220-enlocale:en-usos:windows7-x64system
  • submitted
    30-05-2023 02:14

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    215b6b08da019af2adf0b331de8b2c72f7f41a57f2a011f2b2b7c86d28cc632c.exe

  • Size

    3.5MB

  • MD5

    7dad239892eb8f9fa9e6f97368f68fbb

  • SHA1

    eb25829b9e134d432b3c7e43ca5e5ba79ce071fe

  • SHA256

    215b6b08da019af2adf0b331de8b2c72f7f41a57f2a011f2b2b7c86d28cc632c

  • SHA512

    cf14eaf4f82f87dc524d7e7e8c6af3c7c803975fa7975b023f80e4b21c528b6159faca6b7b8e590e048b9eb0f7dc001777cf218cd7ef65f3617ebc0ba01cd8f5

  • SSDEEP

    49152:gIVuaGxMgpnVM+0hWpJim9xjXmbKp+/ZbipNgkwryaAcvZlPdFvo0k8mT4SwyxQ/:g/di+fJrbX/pWZ5raK/gDsW+R9kPIZf

Score
1/10

Malware Config

Signatures

  • Suspicious use of SetWindowsHookEx 3 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\215b6b08da019af2adf0b331de8b2c72f7f41a57f2a011f2b2b7c86d28cc632c.exe
    "C:\Users\Admin\AppData\Local\Temp\215b6b08da019af2adf0b331de8b2c72f7f41a57f2a011f2b2b7c86d28cc632c.exe"
    1⤵
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1928
    • C:\Windows\splwow64.exe
      C:\Windows\splwow64.exe 12288
      2⤵
        PID:1924

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/1928-54-0x0000000000400000-0x00000000011A0000-memory.dmp
      Filesize

      13.6MB

      Download
    • memory/1928-55-0x0000000000400000-0x00000000011A0000-memory.dmp
      Filesize

      13.6MB

      Download
    • memory/1928-56-0x0000000000400000-0x00000000011A0000-memory.dmp
      Filesize

      13.6MB

      Download
    • memory/1928-57-0x0000000000400000-0x00000000011A0000-memory.dmp
      Filesize

      13.6MB

      Download
    • memory/1928-58-0x0000000000400000-0x00000000011A0000-memory.dmp
      Filesize

      13.6MB

      Download
    • memory/1928-60-0x0000000000220000-0x0000000000221000-memory.dmp
      Filesize

      4KB

      Download
    • memory/1928-61-0x0000000000400000-0x00000000011A0000-memory.dmp
      Filesize

      13.6MB

      Download
    • memory/1928-62-0x0000000000220000-0x0000000000221000-memory.dmp
      Filesize

      4KB

      Download