Overview

overview

7

Static

static

3

1dee41eb3d...ex.exe

windows7-x64

7

1dee41eb3d...ex.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    1s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230703-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230703-enlocale:en-usos:windows10-2004-x64system
  • submitted
    05-07-2023 19:11

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    1dee41eb3da7edexeexeexeex.exe

  • Size

    373KB

  • MD5

    1dee41eb3da7ed1f50b5c2721c7ba52a

  • SHA1

    6256c08f7046ba1ee52d9b405941b4861fdca879

  • SHA256

    97deed66d17065adf79e77e13e792e9b7273cb8c0ddb525ce1d68efc5a9c4c44

  • SHA512

    bb73ccb93b441df9bd243aab2ca1eb6c62bc53ce7ca37fdb534d2782dc013fc1cbf46a8c034e6ddfb69b20e707efc69c62ef264fb4bc0c34cde3b5f2d5b6002b

  • SSDEEP

    6144:CplrlbbDdQaqd2X/96fr3KFEUGjr8uB2WgcA0cpXEVNrvGZ4FUqm6:CplrVbDdQaqdS/ofraFErH8uB2Wm0SXj

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Drops file in Program Files directory 1 IoCs
  • Suspicious use of SetWindowsHookEx 8 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\1dee41eb3da7edexeexeexeex.exe
    "C:\Users\Admin\AppData\Local\Temp\1dee41eb3da7edexeexeexeex.exe"
    1⤵
    • Drops file in Program Files directory
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:4868
    • C:\Program Files\compact\runtime.exe
      "C:\Program Files\compact\runtime.exe" "33201"
      2⤵
      • Executes dropped EXE
      • Suspicious use of SetWindowsHookEx
      PID:1728

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Program Files\compact\runtime.exe
    Filesize

    374KB

    MD5

    378c5b306f994e746ba7f82cb6d2a44c

    SHA1

    c929757387c37a86687cb4d8ff3214bc84dbc319

    SHA256

    e7c65d31f43d7ceba3106617eac4097ed856c82e6ca889c31d72249dca5941b0

    SHA512

    a0ddb5d8a4777bb6731cd345b38322b054c1bf0cd18b4eff83aed21a2534c65246dfb9edda05b63bc1bbb277cba2c33d2487b6da6812b4bfd30e9eefc8afa055

    Download Submit

  • C:\Program Files\compact\runtime.exe
    Filesize

    374KB

    MD5

    378c5b306f994e746ba7f82cb6d2a44c

    SHA1

    c929757387c37a86687cb4d8ff3214bc84dbc319

    SHA256

    e7c65d31f43d7ceba3106617eac4097ed856c82e6ca889c31d72249dca5941b0

    SHA512

    a0ddb5d8a4777bb6731cd345b38322b054c1bf0cd18b4eff83aed21a2534c65246dfb9edda05b63bc1bbb277cba2c33d2487b6da6812b4bfd30e9eefc8afa055

    Download Submit