Analysis

  • max time kernel
    26s
  • max time network
    50s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230703-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20230703-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    04-07-2023 22:18

General

  • Target

    Hex-Rays IDA Professional Advanced Floating And Decompiler Full Activated/ida64.exe

  • Size

    4.0MB

  • MD5

    0b85f1f13b1a457f1d77f8e6f23fec47

  • SHA1

    fe1bc0abdc73eaa74dcb18b3ade959b91ea01df5

  • SHA256

    29341a543b744f72f0ff8ca973b5c3f31a23034879f267bba07149abf5e644f3

  • SHA512

    8921675f8f5b05db799b1528a088391509c4f5b919198f042ce781af2d61dc5ebe9627e935040627a73f1cf6390208bccf63cf174365dd8f0b368f8c10c79c4d

  • SSDEEP

    49152:+Qptxtn8v9flRURQXyczsoBR9RAzkdk9ltnv2UtxOpYjObpJWYcmD75zoELxnXAh:+itxMR4QuoBPRAzz9lRvMVtdwdZroVm

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: AddClipboardFormatListener 1 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\Hex-Rays IDA Professional Advanced Floating And Decompiler Full Activated\ida64.exe
    "C:\Users\Admin\AppData\Local\Temp\Hex-Rays IDA Professional Advanced Floating And Decompiler Full Activated\ida64.exe"
    • Suspicious behavior: AddClipboardFormatListener
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:3740

Network

MITRE ATT&CK Matrix

Downloads

  • memory/3740-133-0x00007FFA0BBE0000-0x00007FFA0C136000-memory.dmp

    Filesize

    5.3MB

  • memory/3740-134-0x00007FF60B010000-0x00007FF60B40F000-memory.dmp

    Filesize

    4.0MB

  • memory/3740-135-0x00000247AC4B0000-0x00000247AC4C0000-memory.dmp

    Filesize

    64KB