Overview

overview

7

Static

static

7

60bbba88b3...3f.exe

windows7-x64

1

60bbba88b3...3f.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    141s
  • max time network
    150s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230220-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230220-enlocale:en-usos:windows10-2004-x64system
  • submitted
    19-06-2023 19:29

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    60bbba88b32e22cebf156b30f6e85c4938830e0fbd75962452c5df586020843f.exe

  • Size

    3.8MB

  • MD5

    ece99ab43fa13f97253bf5b16222e38a

  • SHA1

    29406dffcb0e0fb6cb77bb51966784bf1f6d91f7

  • SHA256

    60bbba88b32e22cebf156b30f6e85c4938830e0fbd75962452c5df586020843f

  • SHA512

    5af262c8bcfa1557a8ddf5301cd0f8b5aaebbe1da8998521aac7748b18c0085aa835e8f76ad307e76f133c1d91f0860e3e76adeb9ca26482a1dfd7d044c61fc4

  • SSDEEP

    98304:fS6WKmWtmyleYyTszr6/cWi8KLbBWeoQeHvO:fS6fmWtmyETszW0Wi8c0weHv

Score
1/10

Malware Config

Signatures

  • Suspicious use of SetWindowsHookEx 3 IoCs
  • Suspicious use of WriteProcessMemory 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\60bbba88b32e22cebf156b30f6e85c4938830e0fbd75962452c5df586020843f.exe
    "C:\Users\Admin\AppData\Local\Temp\60bbba88b32e22cebf156b30f6e85c4938830e0fbd75962452c5df586020843f.exe"
    1⤵
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:3600
    • C:\Windows\splwow64.exe
      C:\Windows\splwow64.exe 12288
      2⤵
        PID:652
    • C:\Windows\system32\svchost.exe
      C:\Windows\system32\svchost.exe -k PrintWorkflow -s PrintWorkflowUserSvc
      1⤵
        PID:1500

      Network

      MITRE ATT&CK Matrix

      Replay Monitor

      Loading Replay Monitor...

      Downloads

      • memory/3600-133-0x0000000000400000-0x000000000131C000-memory.dmp
        Filesize

        15.1MB

        Download
      • memory/3600-134-0x0000000000400000-0x000000000131C000-memory.dmp
        Filesize

        15.1MB

        Download
      • memory/3600-135-0x0000000000400000-0x000000000131C000-memory.dmp
        Filesize

        15.1MB

        Download
      • memory/3600-136-0x0000000000400000-0x000000000131C000-memory.dmp
        Filesize

        15.1MB

        Download
      • memory/3600-137-0x0000000000400000-0x000000000131C000-memory.dmp
        Filesize

        15.1MB

        Download
      • memory/3600-138-0x00000000030A0000-0x00000000030A1000-memory.dmp
        Filesize

        4KB

        Download
      • memory/3600-139-0x0000000000400000-0x000000000131C000-memory.dmp
        Filesize

        15.1MB

        Download
      • memory/3600-140-0x0000000000400000-0x000000000131C000-memory.dmp
        Filesize

        15.1MB

        Download
      • memory/3600-141-0x00000000030A0000-0x00000000030A1000-memory.dmp
        Filesize

        4KB

        Download
      • memory/3600-142-0x0000000000400000-0x000000000131C000-memory.dmp
        Filesize

        15.1MB

        Download