64d5a4fb9ccd9dbe359e4a15b02e05bbabf502bdbfb283a4e846f9c0ffcbc554

Analysis

max time kernel
28s
max time network
32s
platform
windows7_x64
resource
win7-20230703-en
resource tags

arch:x64arch:x86image:win7-20230703-enlocale:en-usos:windows7-x64system
submitted
08/07/2023, 17:31 UTC

Target

9125a3d8295756exeexeexeex.exe
Size

407KB
MD5

9125a3d82957561d1bb0a4b939be43b7
SHA1

695c05f633c638864435f453f06b57c2bcd98d22
SHA256

64d5a4fb9ccd9dbe359e4a15b02e05bbabf502bdbfb283a4e846f9c0ffcbc554
SHA512

4cac728d2cb3dcf25d19d6ba7849b9bf7a09f76ae36cfe649f313590ce822166b5d0a1056f70538c5fc83888d520d6c67f0f00b5c8a4dd6d055deabcd0d8b2db
SSDEEP

12288:4plrVbDdQaqdS/ofraFErH8uB2Wm0SXsNr5FU:kxRQ+Fucuvm0as

Score

7^/10

Executes dropped EXE 1 IoCs

pid	Process
668	Security.exe

Loads dropped DLL 2 IoCs

pid	Process
364	9125a3d8295756exeexeexeex.exe
364	9125a3d8295756exeexeexeex.exe

Drops file in Program Files directory 1 IoCs

description	ioc	Process
File created	C:\Program Files\Graphics\Security.exe	9125a3d8295756exeexeexeex.exe

Suspicious use of SetWindowsHookEx 8 IoCs

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 364 wrote to memory of 668	364	9125a3d8295756exeexeexeex.exe	29
PID 364 wrote to memory of 668	364	9125a3d8295756exeexeexeex.exe	29
PID 364 wrote to memory of 668	364	9125a3d8295756exeexeexeex.exe	29
PID 364 wrote to memory of 668	364	9125a3d8295756exeexeexeex.exe	29

C:\Program Files\Graphics\Security.exe

Filesize
408KB

MD5
050c6172c1e6fc4706a165a21acae593

SHA1
566f5eb8d7e40ed03fa8fa3bbfec004becf20606

SHA256
b418807b24f8d0a723f5f5be1643fb3c978640b9bc3db94ba86b5533fc354c66

SHA512
00e8edfcc7e4be67b5351635cf3f1bb917a737939d7771c081657c956097c00c248512608debf2a5af2cdd3ef00d6abde6ac70dbfd87be45c1b115a77b80036a

Download Submit
C:\Program Files\Graphics\Security.exe

Filesize
408KB

MD5
050c6172c1e6fc4706a165a21acae593

SHA1
566f5eb8d7e40ed03fa8fa3bbfec004becf20606

SHA256
b418807b24f8d0a723f5f5be1643fb3c978640b9bc3db94ba86b5533fc354c66

SHA512
00e8edfcc7e4be67b5351635cf3f1bb917a737939d7771c081657c956097c00c248512608debf2a5af2cdd3ef00d6abde6ac70dbfd87be45c1b115a77b80036a

Download Submit
\Program Files\Graphics\Security.exe

Filesize
408KB

MD5
050c6172c1e6fc4706a165a21acae593

SHA1
566f5eb8d7e40ed03fa8fa3bbfec004becf20606

SHA256
b418807b24f8d0a723f5f5be1643fb3c978640b9bc3db94ba86b5533fc354c66

SHA512
00e8edfcc7e4be67b5351635cf3f1bb917a737939d7771c081657c956097c00c248512608debf2a5af2cdd3ef00d6abde6ac70dbfd87be45c1b115a77b80036a

Download Submit
\Program Files\Graphics\Security.exe

Filesize
408KB

MD5
050c6172c1e6fc4706a165a21acae593

SHA1
566f5eb8d7e40ed03fa8fa3bbfec004becf20606

SHA256
b418807b24f8d0a723f5f5be1643fb3c978640b9bc3db94ba86b5533fc354c66

SHA512
00e8edfcc7e4be67b5351635cf3f1bb917a737939d7771c081657c956097c00c248512608debf2a5af2cdd3ef00d6abde6ac70dbfd87be45c1b115a77b80036a

Download Submit