ed2c2901ae640d04915190b4a15d719e1b5933f2032a1667927155debce9cd91

Analysis

max time kernel
139s
max time network
144s
platform
windows10-2004_x64
resource
win10v2004-20230703-en
resource tags

arch:x64arch:x86image:win10v2004-20230703-enlocale:en-usos:windows10-2004-x64system
submitted
05/07/2023, 14:15

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

006cd821cb0612exeexeexeex.exe
Size

1.4MB
MD5

006cd821cb0612ff7e99689d519aca0d
SHA1

b5ee9ac9596a3d0cfa0e539b0a75c7a3aec9ec39
SHA256

ed2c2901ae640d04915190b4a15d719e1b5933f2032a1667927155debce9cd91
SHA512

8f3543c70de84d93531235849647c187962d01ce4f4f1184ff958ac35d30d2cefa7fa35d2f4045217df97a5ac57562bc2e8305abca9299af2f91ea556e7e6c10
SSDEEP

24576:GgFtrsbFPoH2HL1lzF7E61bM48Dry5ixsIEnI6T/UTqoQ2JR:GgFtrk15Q6MjiiGhRTcTqoQ2J

Score

1^/10

Malware Config

Signatures

Modifies registry class 12 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-1420546310-613437930-2990200354-1000_Classes\AnyVideoSoftware.AnyVideoPlayer.playlist	006cd821cb0612exeexeexeex.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1420546310-613437930-2990200354-1000_Classes\AnyVideoSoftware.AnyVideoPlayer.playlist\DefaultIcon\ = "C:\\Users\\Admin\\AppData\\Local\\Temp\\006cd821cb0612exeexeexeex.exe,1"	006cd821cb0612exeexeexeex.exe
Key created	\REGISTRY\USER\S-1-5-21-1420546310-613437930-2990200354-1000_Classes\AnyVideoSoftware.AnyVideoPlayer.playlist\shell	006cd821cb0612exeexeexeex.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1420546310-613437930-2990200354-1000_Classes\AnyVideoSoftware.AnyVideoPlayer.playlist\shell\open\command\ = "\"C:\\Users\\Admin\\AppData\\Local\\Temp\\006cd821cb0612exeexeexeex.exe\" \"%1\""	006cd821cb0612exeexeexeex.exe
Key created	\REGISTRY\USER\S-1-5-21-1420546310-613437930-2990200354-1000_Classes\.playlist	006cd821cb0612exeexeexeex.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1420546310-613437930-2990200354-1000_Classes\.playlist\ = "AnyVideoSoftware.AnyVideoPlayer.playlist"	006cd821cb0612exeexeexeex.exe
Key created	\REGISTRY\USER\S-1-5-21-1420546310-613437930-2990200354-1000_Classes\WOW6432Node\CLSID\{C7D55E60-9876-4f4c-AE02-EA050EE9FBB8}	006cd821cb0612exeexeexeex.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-1420546310-613437930-2990200354-1000_Classes\AnyVideoSoftware.AnyVideoPlayer.playlist\ = "Playlist"	006cd821cb0612exeexeexeex.exe
Key created	\REGISTRY\USER\S-1-5-21-1420546310-613437930-2990200354-1000_Classes\AnyVideoSoftware.AnyVideoPlayer.playlist\DefaultIcon	006cd821cb0612exeexeexeex.exe
Key created	\REGISTRY\USER\S-1-5-21-1420546310-613437930-2990200354-1000_Classes\AnyVideoSoftware.AnyVideoPlayer.playlist\shell\open\command	006cd821cb0612exeexeexeex.exe
Key created	\REGISTRY\USER\S-1-5-21-1420546310-613437930-2990200354-1000_Classes\AnyVideoSoftware.AnyVideoPlayer.playlist\shell\open	006cd821cb0612exeexeexeex.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-1420546310-613437930-2990200354-1000_Classes\WOW6432Node\CLSID\{C7D55E60-9876-4f4c-AE02-EA050EE9FBB8}\ = 9d89bbb29cbf91ad9db08daa9db095afce86ccb29d8699b299af94cace86cbca9ccd9db09ccc9db39d86999f9d9598cb9d86becf99bf91b3ce86cbcb9995ccac9b9590ce9c86bf9f9c968ccf9b968ccc9cbf91ae9c89bbd1ce86a79f9d96c8b29bcd88cf9dbfc89f	006cd821cb0612exeexeexeex.exe

Suspicious use of SetWindowsHookEx 4 IoCs

pid	Process
4036	006cd821cb0612exeexeexeex.exe
4036	006cd821cb0612exeexeexeex.exe
4036	006cd821cb0612exeexeexeex.exe
4036	006cd821cb0612exeexeexeex.exe

C:\Users\Admin\AppData\Local\Temp\006cd821cb0612exeexeexeex.exe
"C:\Users\Admin\AppData\Local\Temp\006cd821cb0612exeexeexeex.exe"
1⤵
- Modifies registry class
- Suspicious use of SetWindowsHookEx
PID:4036

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads