Overview

overview

7

Static

static

7

816df5a468...da.exe

windows7-x64

1

816df5a468...da.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    150s
  • max time network
    152s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230220-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230220-enlocale:en-usos:windows10-2004-x64system
  • submitted
    30-05-2023 07:04

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    816df5a468f7b25baf00e481130317c400578bccb4ac03997fc278935cac8bda.exe

  • Size

    1.4MB

  • MD5

    c5361a09d5f44161ed5dc0cb8e5a7ae5

  • SHA1

    980d6bb0d8b50ccb265c66c83aadbf115daf89ca

  • SHA256

    816df5a468f7b25baf00e481130317c400578bccb4ac03997fc278935cac8bda

  • SHA512

    e691ac1a123689e61faf3c6c5e31c56d556c30bb18e21d565b03100f9700ccd8c4ec567a2af279c9d6b7eafd137841a5c7b2b6f90f84a5edc27b2f3772dc19c4

  • SSDEEP

    24576:4106qZfmpVHSFhc+t74kn7eNL/Q4c47X87kQ9DjzKC7o9SKcq9Facki/W:TZfYpSFhD7r6NLd/7X8oaP14Fac

Score
1/10

Malware Config

Signatures

  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\816df5a468f7b25baf00e481130317c400578bccb4ac03997fc278935cac8bda.exe
    "C:\Users\Admin\AppData\Local\Temp\816df5a468f7b25baf00e481130317c400578bccb4ac03997fc278935cac8bda.exe"
    1⤵
    • Suspicious use of SetWindowsHookEx
    PID:1428

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\$$IUTemp\w_cos_bs_leg.zip
    Filesize

    95B

    MD5

    cdee51cf59feed2c453ea2641cc139be

    SHA1

    69b7bdf586b55844a440efa9f3e7008e8f4ef007

    SHA256

    92d867081ac861233b5564cdc80e0505247b44abbeb59d8d4072a20e266b67eb

    SHA512

    93ba789496c5e89f5d61e892ebd1765caa0136e386d6824a4f8f63450a1532746e6e002eebc110d1e0ad2fc1d7baa9e6b79bf9a4ad98afd494394d3b9d4f0218

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\IncUpdate_TempImg2.jpg
    Filesize

    16KB

    MD5

    127cf95865f43c04962351629637c967

    SHA1

    0b44c03f708db9f72c06f51c67353623a6fb5175

    SHA256

    1920b29cca2d8455494b17a810b80ec337d44895b2c4a4b41ba8d713caa2c791

    SHA512

    356b9e2a5fb85cb5b02bc69f963b2b1f32101639f659508ff302570a50a944b871d60caab556220cd12fc81a1dc9ab4dee128b81f0aa533d4a300d157c4e828c

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Update.ini
    Filesize

    408B

    MD5

    9ad814245ff80bbd3c3f509f41442383

    SHA1

    dd11681160501eb5137bd276fe6e094108e3f56b

    SHA256

    c72364e30f2137d418e7806feeced5dcd9769c1d04b346dd81314dc45b56256d

    SHA512

    087c055a2804d1bf114bedef4359b5e33ccd83187b86d8d8c58c0584282cb383bc22f0cd98cd02d8527a5cf35b12c5d3cded2126c6da28eda1d31c8e59118573

    Download Submit

  • memory/1428-268-0x0000000000400000-0x00000000008C2000-memory.dmp

    Filesize

    4.8MB

    Download

  • memory/1428-289-0x0000000000400000-0x00000000008C2000-memory.dmp

    Filesize

    4.8MB

    Download

  • memory/1428-188-0x0000000002680000-0x0000000002681000-memory.dmp

    Filesize

    4KB

    Download

  • memory/1428-191-0x0000000000400000-0x00000000008C2000-memory.dmp

    Filesize

    4.8MB

    Download

  • memory/1428-202-0x0000000000400000-0x00000000008C2000-memory.dmp

    Filesize

    4.8MB

    Download

  • memory/1428-235-0x0000000000400000-0x00000000008C2000-memory.dmp

    Filesize

    4.8MB

    Download

  • memory/1428-252-0x0000000000400000-0x00000000008C2000-memory.dmp

    Filesize

    4.8MB

    Download

  • memory/1428-133-0x0000000000400000-0x00000000008C2000-memory.dmp

    Filesize

    4.8MB

    Download

  • memory/1428-140-0x0000000002680000-0x0000000002681000-memory.dmp

    Filesize

    4KB

    Download

  • memory/1428-187-0x0000000000400000-0x00000000008C2000-memory.dmp

    Filesize

    4.8MB

    Download

  • memory/1428-314-0x0000000000400000-0x00000000008C2000-memory.dmp

    Filesize

    4.8MB

    Download

  • memory/1428-323-0x0000000000400000-0x00000000008C2000-memory.dmp

    Filesize

    4.8MB

    Download

  • memory/1428-352-0x0000000000400000-0x00000000008C2000-memory.dmp

    Filesize

    4.8MB

    Download

  • memory/1428-385-0x0000000000400000-0x00000000008C2000-memory.dmp

    Filesize

    4.8MB

    Download

  • memory/1428-410-0x0000000000400000-0x00000000008C2000-memory.dmp

    Filesize

    4.8MB

    Download

  • memory/1428-441-0x0000000000400000-0x00000000008C2000-memory.dmp

    Filesize

    4.8MB

    Download

  • memory/1428-463-0x0000000000400000-0x00000000008C2000-memory.dmp

    Filesize

    4.8MB

    Download

  • memory/1428-507-0x0000000000400000-0x00000000008C2000-memory.dmp

    Filesize

    4.8MB

    Download