Overview

overview

7

Static

static

3

497aadd5ee...ex.exe

windows7-x64

7

497aadd5ee...ex.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    76s
  • max time network
    80s
  • platform
    windows7_x64
  • resource
    win7-20230703-en
  • resource tags

    arch:x64arch:x86image:win7-20230703-enlocale:en-usos:windows7-x64system
  • submitted
    07-07-2023 12:32

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    497aadd5eedd1fexeexeexeex.exe

  • Size

    239KB

  • MD5

    497aadd5eedd1f125075969c5aff1b86

  • SHA1

    2a2c1768a82f5bcf7c9adb1313fb29b52427ccde

  • SHA256

    5a5fbb78cd15218065048f4142b2e67f4ad961624368661cf399c433724f2fa7

  • SHA512

    20c9b55426873da846161db93103ae4e7da09dd076700b7498242849e675366036ded4f66d4ce0e36d2bfce8a6a8371dd05dd07b7aeadeafb4ed1b2b8f9b6414

  • SSDEEP

    3072:lxUm75Fku3eKeO213SJReOqdmErj+HyHnNVIPL/+ybbiW1u46Q7qV3lU8xM:fU8Dk11CJ1qDWUNVIT/bblS9x

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 2 IoCs
  • Drops file in Program Files directory 2 IoCs
  • Suspicious use of SetWindowsHookEx 8 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\497aadd5eedd1fexeexeexeex.exe
    "C:\Users\Admin\AppData\Local\Temp\497aadd5eedd1fexeexeexeex.exe"
    1⤵
    • Loads dropped DLL
    • Drops file in Program Files directory
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2312
    • C:\Program Files\future\instead.exe
      "C:\Program Files\future\instead.exe" "33201"
      2⤵
      • Executes dropped EXE
      • Suspicious use of SetWindowsHookEx
      PID:2316

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Program Files\future\instead.exe
    Filesize

    239KB

    MD5

    dc8dab701d9eed3a656311df0c231eba

    SHA1

    ec2f79292755cb8d93c5ead2e1c05a8683094773

    SHA256

    30ad179a0d35f4280f80bfcba0820e8b65417b40f75a5f8a1bc0bb6fd9a92db9

    SHA512

    17a6f4e72786cd42e04992a759ab282de5ed2857b442edfa059a5c7a9b61b577546f54810900d6e455f0c44516f9f3428269d87773edfda36d09f5751c97f9c6

    Download Submit

  • C:\Program Files\future\instead.exe
    Filesize

    239KB

    MD5

    dc8dab701d9eed3a656311df0c231eba

    SHA1

    ec2f79292755cb8d93c5ead2e1c05a8683094773

    SHA256

    30ad179a0d35f4280f80bfcba0820e8b65417b40f75a5f8a1bc0bb6fd9a92db9

    SHA512

    17a6f4e72786cd42e04992a759ab282de5ed2857b442edfa059a5c7a9b61b577546f54810900d6e455f0c44516f9f3428269d87773edfda36d09f5751c97f9c6

    Download Submit

  • \Program Files\future\instead.exe
    Filesize

    239KB

    MD5

    dc8dab701d9eed3a656311df0c231eba

    SHA1

    ec2f79292755cb8d93c5ead2e1c05a8683094773

    SHA256

    30ad179a0d35f4280f80bfcba0820e8b65417b40f75a5f8a1bc0bb6fd9a92db9

    SHA512

    17a6f4e72786cd42e04992a759ab282de5ed2857b442edfa059a5c7a9b61b577546f54810900d6e455f0c44516f9f3428269d87773edfda36d09f5751c97f9c6

    Download Submit

  • \Program Files\future\instead.exe
    Filesize

    239KB

    MD5

    dc8dab701d9eed3a656311df0c231eba

    SHA1

    ec2f79292755cb8d93c5ead2e1c05a8683094773

    SHA256

    30ad179a0d35f4280f80bfcba0820e8b65417b40f75a5f8a1bc0bb6fd9a92db9

    SHA512

    17a6f4e72786cd42e04992a759ab282de5ed2857b442edfa059a5c7a9b61b577546f54810900d6e455f0c44516f9f3428269d87773edfda36d09f5751c97f9c6

    Download Submit