Overview

overview

8

Static

static

3

21486eb7f0...65.exe

windows7-x64

8

21486eb7f0...65.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    135s
  • max time network
    148s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230220-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230220-enlocale:en-usos:windows10-2004-x64system
  • submitted
    01-06-2023 19:56

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    21486eb7f07e0cc98b11a4227383c5be93be58eeeb352a0a50973fc61c969a65.exe

  • Size

    2.8MB

  • MD5

    53b7229abf0a792ab697f8ae4e5f4708

  • SHA1

    93a9f684957a99a54bc3a3b049117714a5933968

  • SHA256

    21486eb7f07e0cc98b11a4227383c5be93be58eeeb352a0a50973fc61c969a65

  • SHA512

    d5709f8f3c71edf48efabe5e0961a4715029050e2db59f060a6c7cb963510b8c76c07760089a97ee425ba7ce475dfc623d5643d8d87b024278c9e0fd04cc9951

  • SSDEEP

    49152:bKhRYlGGbx4FBK3SVXiHCyDpeQxP18vS3bdFF7YaKBkOef:bYWGSx4iCMisRxPWS35RXO8

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: EnumeratesProcesses 2 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\21486eb7f07e0cc98b11a4227383c5be93be58eeeb352a0a50973fc61c969a65.exe
    "C:\Users\Admin\AppData\Local\Temp\21486eb7f07e0cc98b11a4227383c5be93be58eeeb352a0a50973fc61c969a65.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of SetWindowsHookEx
    PID:4876

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/4876-133-0x0000000003030000-0x0000000003031000-memory.dmp

    Filesize

    4KB

    Download

  • memory/4876-134-0x0000000003040000-0x0000000003041000-memory.dmp

    Filesize

    4KB

    Download

  • memory/4876-135-0x0000000003070000-0x0000000003071000-memory.dmp

    Filesize

    4KB

    Download

  • memory/4876-136-0x0000000003080000-0x0000000003081000-memory.dmp

    Filesize

    4KB

    Download

  • memory/4876-137-0x0000000003090000-0x0000000003091000-memory.dmp

    Filesize

    4KB

    Download

  • memory/4876-138-0x00000000030A0000-0x00000000030A1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/4876-139-0x0000000000190000-0x000000000071B000-memory.dmp

    Filesize

    5.5MB

    Download