Overview

overview

7

Static

static

3

f02d8202a8...ex.exe

windows7-x64

7

f02d8202a8...ex.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    143s
  • max time network
    148s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230703-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230703-enlocale:en-usos:windows10-2004-x64system
  • submitted
    11-07-2023 08:41

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    f02d8202a843f7exeexeexeex.exe

  • Size

    408KB

  • MD5

    f02d8202a843f7d8889ccb0b06b9995f

  • SHA1

    7fabdf6008d55a6e2f30a5a13e2b6a04a8b0eb66

  • SHA256

    175e7853fc6569d7f5d715c087fbbf4611dae7906b637ec0c4944efd325e8a18

  • SHA512

    05e90ee56abcd2ddedcbe552795e906bfb6d579f1fe652eaf20444fbf0ca6206e037bdc23d6af1b29e0ac79e5beb51567b52e419dda380f603bfa7a4f9fe32bd

  • SSDEEP

    12288:fplrVbDdQaqdS/ofraFErH8uB2Wm0SXsNr5FU:xxRQ+Fucuvm0as

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Drops file in Program Files directory 1 IoCs
  • Suspicious use of SetWindowsHookEx 8 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\f02d8202a843f7exeexeexeex.exe
    "C:\Users\Admin\AppData\Local\Temp\f02d8202a843f7exeexeexeex.exe"
    1⤵
    • Drops file in Program Files directory
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:4540
    • C:\Program Files\license\agreement.exe
      "C:\Program Files\license\agreement.exe" "33201"
      2⤵
      • Executes dropped EXE
      • Suspicious use of SetWindowsHookEx
      PID:4820

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Program Files\license\agreement.exe
    Filesize

    408KB

    MD5

    7d95f4a78e05dedcf83b56fab3187eb6

    SHA1

    2d3c9332dbb9365105262fcf8dc8b5d3d3d18549

    SHA256

    a18e6e54cb7cf1b8ed30948d74449aec0514f3315bab0f31f595a2d3b9ce513e

    SHA512

    675c1ba35545cc73fa9b725a1b48f7ebec9562a67c6bab66ffa6bc39c5ca05fb4506c176e3a23a801bc3ac6f16ad451e82a17bd49ef405d03a2aa38a548abd56

    Download Submit

  • C:\Program Files\license\agreement.exe
    Filesize

    408KB

    MD5

    7d95f4a78e05dedcf83b56fab3187eb6

    SHA1

    2d3c9332dbb9365105262fcf8dc8b5d3d3d18549

    SHA256

    a18e6e54cb7cf1b8ed30948d74449aec0514f3315bab0f31f595a2d3b9ce513e

    SHA512

    675c1ba35545cc73fa9b725a1b48f7ebec9562a67c6bab66ffa6bc39c5ca05fb4506c176e3a23a801bc3ac6f16ad451e82a17bd49ef405d03a2aa38a548abd56

    Download Submit