Overview

overview

3

Static

static

3

eb377756e6...69.exe

windows7-x64

1

eb377756e6...69.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    142s
  • max time network
    29s
  • platform
    windows7_x64
  • resource
    win7-20230621-en
  • resource tags

    arch:x64arch:x86image:win7-20230621-enlocale:en-usos:windows7-x64system
  • submitted
    03/07/2023, 19:13

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    eb377756e6a119d66965e859b18ec7232dd25f26a7e5ec77c51d158689a50269.exe

  • Size

    791KB

  • MD5

    5251d31adf8388cfab7aaecbfebe312e

  • SHA1

    80f1ad08d32979da641124829b0fe514cb6a9108

  • SHA256

    eb377756e6a119d66965e859b18ec7232dd25f26a7e5ec77c51d158689a50269

  • SHA512

    ca7e78372ad408fe34f6b14e8f2c8a40500ad0ab488266be94bcf16dbd20745d51a26386b8a7621eb0b233fa096ab54aa9caf1c8e7f77b019b55d7bf7f933afa

  • SSDEEP

    12288:QJtHr6Pcitci8EiPpK1e0HqEpD1GdNCInwI+cpKMW2CGk2kyUJimE:QJ9ecvi8lPpKQukdIZwH/kDJ

Score
1/10

Malware Config

Signatures

  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SendNotifyMessage 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\eb377756e6a119d66965e859b18ec7232dd25f26a7e5ec77c51d158689a50269.exe
    "C:\Users\Admin\AppData\Local\Temp\eb377756e6a119d66965e859b18ec7232dd25f26a7e5ec77c51d158689a50269.exe"
    1⤵
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    PID:1612

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/1612-54-0x0000000000400000-0x00000000004CF000-memory.dmp

    Filesize

    828KB

    Download

  • memory/1612-55-0x0000000000220000-0x0000000000221000-memory.dmp

    Filesize

    4KB

    Download

  • memory/1612-56-0x0000000000400000-0x00000000004CF000-memory.dmp

    Filesize

    828KB

    Download

  • memory/1612-57-0x0000000000220000-0x0000000000221000-memory.dmp

    Filesize

    4KB

    Download