Overview

overview

7

Static

static

3

81fc03e279...ex.exe

windows7-x64

7

81fc03e279...ex.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    138s
  • max time network
    144s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230703-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230703-enlocale:en-usos:windows10-2004-x64system
  • submitted
    08/07/2023, 16:28

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    81fc03e279bba7exeexeexeex.exe

  • Size

    375KB

  • MD5

    81fc03e279bba7b2fea0d712bf1bb746

  • SHA1

    80f75f65e4d139aaea6cfecc5e735be543d96530

  • SHA256

    0ee493df7c373ca8987435745366be842745edcf05606730a5c39709ca9bedae

  • SHA512

    e77096177a325822a3a44e3de7440f966ad8e2cfc404bb130b396e7d483e8a2202b08a52667610514e70625e469ee6ed207251a2862bfc8d75aa1f93b3da1328

  • SSDEEP

    6144:uplrlbbDdQaqd2X/96fr3KFEUGjr8uB2WgcA0cpXEVNrvGZ4FUqm6:uplrVbDdQaqdS/ofraFErH8uB2Wm0SXj

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Drops file in Program Files directory 1 IoCs
  • Suspicious use of SetWindowsHookEx 8 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\81fc03e279bba7exeexeexeex.exe
    "C:\Users\Admin\AppData\Local\Temp\81fc03e279bba7exeexeexeex.exe"
    1⤵
    • Drops file in Program Files directory
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1920
    • C:\Program Files\Redist\license.exe
      "C:\Program Files\Redist\license.exe" "33201"
      2⤵
      • Executes dropped EXE
      • Suspicious use of SetWindowsHookEx
      PID:2024

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Program Files\Redist\license.exe
          Filesize

          375KB

          MD5

          d4f453f37aaa202b1dd1aa7db38be1a1

          SHA1

          dce394caf11b19d73c414113ab72c1f362a099d0

          SHA256

          147d758412008965fafd5542bc0216ef26efe78e0a198513c455d9319376b25c

          SHA512

          979017d00271e0ee498de9a2c978387ddcfc121419017c1178f9394888f3aab2efb927ee19e1d28230e2d11483e8d2cf109ef4ea712a7209aad118855a50556b

          Download Submit

        • C:\Program Files\Redist\license.exe
          Filesize

          375KB

          MD5

          d4f453f37aaa202b1dd1aa7db38be1a1

          SHA1

          dce394caf11b19d73c414113ab72c1f362a099d0

          SHA256

          147d758412008965fafd5542bc0216ef26efe78e0a198513c455d9319376b25c

          SHA512

          979017d00271e0ee498de9a2c978387ddcfc121419017c1178f9394888f3aab2efb927ee19e1d28230e2d11483e8d2cf109ef4ea712a7209aad118855a50556b

          Download Submit