Overview

overview

7

Static

static

3

f02d8202a8...ex.exe

windows7-x64

7

f02d8202a8...ex.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    27s
  • max time network
    31s
  • platform
    windows7_x64
  • resource
    win7-20230703-en
  • resource tags

    arch:x64arch:x86image:win7-20230703-enlocale:en-usos:windows7-x64system
  • submitted
    11/07/2023, 08:41

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    f02d8202a843f7exeexeexeex.exe

  • Size

    408KB

  • MD5

    f02d8202a843f7d8889ccb0b06b9995f

  • SHA1

    7fabdf6008d55a6e2f30a5a13e2b6a04a8b0eb66

  • SHA256

    175e7853fc6569d7f5d715c087fbbf4611dae7906b637ec0c4944efd325e8a18

  • SHA512

    05e90ee56abcd2ddedcbe552795e906bfb6d579f1fe652eaf20444fbf0ca6206e037bdc23d6af1b29e0ac79e5beb51567b52e419dda380f603bfa7a4f9fe32bd

  • SSDEEP

    12288:fplrVbDdQaqdS/ofraFErH8uB2Wm0SXsNr5FU:xxRQ+Fucuvm0as

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 2 IoCs
  • Drops file in Program Files directory 1 IoCs
  • Suspicious use of SetWindowsHookEx 8 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\f02d8202a843f7exeexeexeex.exe
    "C:\Users\Admin\AppData\Local\Temp\f02d8202a843f7exeexeexeex.exe"
    1⤵
    • Loads dropped DLL
    • Drops file in Program Files directory
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2280
    • C:\Program Files\Redist\license.exe
      "C:\Program Files\Redist\license.exe" "33201"
      2⤵
      • Executes dropped EXE
      • Suspicious use of SetWindowsHookEx
      PID:2268

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Program Files\Redist\license.exe
          Filesize

          408KB

          MD5

          f3cde81c3addf9fb9a5342acf3dde6e5

          SHA1

          c2173e7c7a66b58067d4dcf8c98310d641d8ab66

          SHA256

          e1040fd436f025c74c052eef297044841563d75ff5d56d3591889c33d7e2a883

          SHA512

          77e77cfb4796651d52471e3854ec613d30a879900aad98960facc38e20cb57f4079c3633357e111e4c82ffa2ed73cd40158f34f8486b6d5c39b199f0b1ae3a38

          Download Submit

        • C:\Program Files\Redist\license.exe
          Filesize

          408KB

          MD5

          f3cde81c3addf9fb9a5342acf3dde6e5

          SHA1

          c2173e7c7a66b58067d4dcf8c98310d641d8ab66

          SHA256

          e1040fd436f025c74c052eef297044841563d75ff5d56d3591889c33d7e2a883

          SHA512

          77e77cfb4796651d52471e3854ec613d30a879900aad98960facc38e20cb57f4079c3633357e111e4c82ffa2ed73cd40158f34f8486b6d5c39b199f0b1ae3a38

          Download Submit

        • \Program Files\Redist\license.exe
          Filesize

          408KB

          MD5

          f3cde81c3addf9fb9a5342acf3dde6e5

          SHA1

          c2173e7c7a66b58067d4dcf8c98310d641d8ab66

          SHA256

          e1040fd436f025c74c052eef297044841563d75ff5d56d3591889c33d7e2a883

          SHA512

          77e77cfb4796651d52471e3854ec613d30a879900aad98960facc38e20cb57f4079c3633357e111e4c82ffa2ed73cd40158f34f8486b6d5c39b199f0b1ae3a38

          Download Submit

        • \Program Files\Redist\license.exe
          Filesize

          408KB

          MD5

          f3cde81c3addf9fb9a5342acf3dde6e5

          SHA1

          c2173e7c7a66b58067d4dcf8c98310d641d8ab66

          SHA256

          e1040fd436f025c74c052eef297044841563d75ff5d56d3591889c33d7e2a883

          SHA512

          77e77cfb4796651d52471e3854ec613d30a879900aad98960facc38e20cb57f4079c3633357e111e4c82ffa2ed73cd40158f34f8486b6d5c39b199f0b1ae3a38

          Download Submit