Overview

overview

7

Static

static

3

d5bd8f4027...ex.exe

windows7-x64

7

d5bd8f4027...ex.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    29s
  • max time network
    33s
  • platform
    windows7_x64
  • resource
    win7-20230705-en
  • resource tags

    arch:x64arch:x86image:win7-20230705-enlocale:en-usos:windows7-x64system
  • submitted
    10/07/2023, 17:43

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    d5bd8f4027593bexeexeexeex.exe

  • Size

    407KB

  • MD5

    d5bd8f4027593bf9bd25ee5a47bb4e07

  • SHA1

    61bbae3b473386e221f2ff6733fd84e96f2cd269

  • SHA256

    64a7d72e56f7e547a569c8aa5148cd393de4af568ac039fedd1389ba859dae10

  • SHA512

    8c6eafd3f811165ff372dc36fea5ec4ccfc047a2db02897566a10d77a14370c4e2f67e34ae16be8b7a7574eec7b131c9a74d8312b662c8b72dbca6c36423775a

  • SSDEEP

    12288:LplrVbDdQaqdS/ofraFErH8uB2Wm0SXsNr5FU:9xRQ+Fucuvm0as

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 2 IoCs
  • Drops file in Program Files directory 1 IoCs
  • Suspicious use of SetWindowsHookEx 8 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\d5bd8f4027593bexeexeexeex.exe
    "C:\Users\Admin\AppData\Local\Temp\d5bd8f4027593bexeexeexeex.exe"
    1⤵
    • Loads dropped DLL
    • Drops file in Program Files directory
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2144
    • C:\Program Files\several\structures.exe
      "C:\Program Files\several\structures.exe" "33201"
      2⤵
      • Executes dropped EXE
      • Suspicious use of SetWindowsHookEx
      PID:3000

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Program Files\several\structures.exe
    Filesize

    407KB

    MD5

    cd7824212b1c0b63218591e0d466e43f

    SHA1

    eb5635bace209427599e4b4f6afec370d3ddde2d

    SHA256

    14ff683f752f6f48697aeac4310ad3f0329f944ff835ae87b4e46c34478ab46f

    SHA512

    fa3384b5f8eee7adf8af289fbfa97b0f0aa7e02819cecad29efccaf09b720642b3cf28411d8bfb48dbd2eec76caeba3834f2dc3264b9d6e2f8519e7eb58ec6de

    Download Submit

  • C:\Program Files\several\structures.exe
    Filesize

    407KB

    MD5

    cd7824212b1c0b63218591e0d466e43f

    SHA1

    eb5635bace209427599e4b4f6afec370d3ddde2d

    SHA256

    14ff683f752f6f48697aeac4310ad3f0329f944ff835ae87b4e46c34478ab46f

    SHA512

    fa3384b5f8eee7adf8af289fbfa97b0f0aa7e02819cecad29efccaf09b720642b3cf28411d8bfb48dbd2eec76caeba3834f2dc3264b9d6e2f8519e7eb58ec6de

    Download Submit

  • \Program Files\several\structures.exe
    Filesize

    407KB

    MD5

    cd7824212b1c0b63218591e0d466e43f

    SHA1

    eb5635bace209427599e4b4f6afec370d3ddde2d

    SHA256

    14ff683f752f6f48697aeac4310ad3f0329f944ff835ae87b4e46c34478ab46f

    SHA512

    fa3384b5f8eee7adf8af289fbfa97b0f0aa7e02819cecad29efccaf09b720642b3cf28411d8bfb48dbd2eec76caeba3834f2dc3264b9d6e2f8519e7eb58ec6de

    Download Submit

  • \Program Files\several\structures.exe
    Filesize

    407KB

    MD5

    cd7824212b1c0b63218591e0d466e43f

    SHA1

    eb5635bace209427599e4b4f6afec370d3ddde2d

    SHA256

    14ff683f752f6f48697aeac4310ad3f0329f944ff835ae87b4e46c34478ab46f

    SHA512

    fa3384b5f8eee7adf8af289fbfa97b0f0aa7e02819cecad29efccaf09b720642b3cf28411d8bfb48dbd2eec76caeba3834f2dc3264b9d6e2f8519e7eb58ec6de

    Download Submit