Overview

overview

7

Static

static

3

3041178056...ex.exe

windows7-x64

7

3041178056...ex.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    142s
  • max time network
    154s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230703-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230703-enlocale:en-usos:windows10-2004-x64system
  • submitted
    06/07/2023, 14:06

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    30411780561f06exeexeexeex.exe

  • Size

    374KB

  • MD5

    30411780561f065ae121ec50ceb2ef0e

  • SHA1

    2e2dbbcfb5c8d3abded3ebe0915df6093c109a26

  • SHA256

    9319087f3b0c36561a94304f086c6ecab58c65102140e1ad1b725f4c6ddfcb4b

  • SHA512

    1a3c427450225e8c493d4d276e7cc6a6aadc9584618f21c70dfe82624ef91a68fd8dc70fb5acd445915b9696454cb9d32a33f71d486b3e8d12a972e11ca861cd

  • SSDEEP

    6144:ZplrlbbDdQaqd2X/96fr3KFEUGjr8uB2WgcA0cpXEVNrvGZ4FUqm6:ZplrVbDdQaqdS/ofraFErH8uB2Wm0SXj

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Drops file in Program Files directory 1 IoCs
  • Suspicious use of SetWindowsHookEx 8 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\30411780561f06exeexeexeex.exe
    "C:\Users\Admin\AppData\Local\Temp\30411780561f06exeexeexeex.exe"
    1⤵
    • Drops file in Program Files directory
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:4980
    • C:\Program Files\privileges\install.exe
      "C:\Program Files\privileges\install.exe" "33201"
      2⤵
      • Executes dropped EXE
      • Suspicious use of SetWindowsHookEx
      PID:4228

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Program Files\privileges\install.exe
          Filesize

          374KB

          MD5

          1be19f7b6af9cbd31ccd79e6c3b4a853

          SHA1

          13e827491ef6cc0239f20cca3e20062d515c2c70

          SHA256

          ee2c475f90ae7b525cbcdf81603c2a656a9f72e7db9e3813ec662fe0a2a1d0b6

          SHA512

          67710cb03d7cd09793fb5cc93200d779f0eb73e37ea82543068a8a05d43cfcfc27c614ea5589d7983e2dde79c841863fcac8f0046a897fb240d65b84ae5abbb0

          Download Submit

        • C:\Program Files\privileges\install.exe
          Filesize

          374KB

          MD5

          1be19f7b6af9cbd31ccd79e6c3b4a853

          SHA1

          13e827491ef6cc0239f20cca3e20062d515c2c70

          SHA256

          ee2c475f90ae7b525cbcdf81603c2a656a9f72e7db9e3813ec662fe0a2a1d0b6

          SHA512

          67710cb03d7cd09793fb5cc93200d779f0eb73e37ea82543068a8a05d43cfcfc27c614ea5589d7983e2dde79c841863fcac8f0046a897fb240d65b84ae5abbb0

          Download Submit