Overview

overview

7

Static

static

3

fce0caf62d...ex.exe

windows7-x64

7

fce0caf62d...ex.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    27s
  • max time network
    31s
  • platform
    windows7_x64
  • resource
    win7-20230703-en
  • resource tags

    arch:x64arch:x86image:win7-20230703-enlocale:en-usos:windows7-x64system
  • submitted
    11-07-2023 17:00

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    fce0caf62dfa2dexeexeexeex.exe

  • Size

    238KB

  • MD5

    fce0caf62dfa2de6df79ddaee6ad1f78

  • SHA1

    9bd53467a74c86c14fb98fc638c8abec6c03e538

  • SHA256

    49888a1dff4f33094dffc0faa1d8fcf1004fdb4c8c37518266d4afc87e54a8d5

  • SHA512

    71dbc366c00a01607c30ee498c0504fc0be7016d4f7dbb0c1d2ba4c392572ce8e8ab8b8705821b3890c8e398d9f8a4b2fd34a4eb95e834da81c1a3fd049568cf

  • SSDEEP

    3072:lxUm75Fku3eKeO213SJReOqdmErj+HyHnNVIPL/+ybbiW1u46Q7qV3lU8xM:fU8Dk11CJ1qDWUNVIT/bblS9x

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 2 IoCs
  • Drops file in Program Files directory 2 IoCs
  • Suspicious use of SetWindowsHookEx 8 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\fce0caf62dfa2dexeexeexeex.exe
    "C:\Users\Admin\AppData\Local\Temp\fce0caf62dfa2dexeexeexeex.exe"
    1⤵
    • Loads dropped DLL
    • Drops file in Program Files directory
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:296
    • C:\Program Files\Custom\Enabling.exe
      "C:\Program Files\Custom\Enabling.exe" "33201"
      2⤵
      • Executes dropped EXE
      • Suspicious use of SetWindowsHookEx
      PID:2272

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Program Files\Custom\Enabling.exe
    Filesize

    238KB

    MD5

    a8839649025ec7d98570f407b40d42cd

    SHA1

    fcedef62660067160606cbb16bb0269950424f6e

    SHA256

    e3116d42bef6e34bf802c81b8e7c42f489d86dbb588501c2be854a57d6d01b2a

    SHA512

    ec9e08379992175f1511f0bcbcec53e1f10014d48f7b30f8e55cef657e35e69b9e99abfe965353a8f4d18847dcbfcdcd29d8a2d1690721b2eecb8b0616e6d365

    Download Submit

  • C:\Program Files\Custom\Enabling.exe
    Filesize

    238KB

    MD5

    a8839649025ec7d98570f407b40d42cd

    SHA1

    fcedef62660067160606cbb16bb0269950424f6e

    SHA256

    e3116d42bef6e34bf802c81b8e7c42f489d86dbb588501c2be854a57d6d01b2a

    SHA512

    ec9e08379992175f1511f0bcbcec53e1f10014d48f7b30f8e55cef657e35e69b9e99abfe965353a8f4d18847dcbfcdcd29d8a2d1690721b2eecb8b0616e6d365

    Download Submit

  • \Program Files\Custom\Enabling.exe
    Filesize

    238KB

    MD5

    a8839649025ec7d98570f407b40d42cd

    SHA1

    fcedef62660067160606cbb16bb0269950424f6e

    SHA256

    e3116d42bef6e34bf802c81b8e7c42f489d86dbb588501c2be854a57d6d01b2a

    SHA512

    ec9e08379992175f1511f0bcbcec53e1f10014d48f7b30f8e55cef657e35e69b9e99abfe965353a8f4d18847dcbfcdcd29d8a2d1690721b2eecb8b0616e6d365

    Download Submit

  • \Program Files\Custom\Enabling.exe
    Filesize

    238KB

    MD5

    a8839649025ec7d98570f407b40d42cd

    SHA1

    fcedef62660067160606cbb16bb0269950424f6e

    SHA256

    e3116d42bef6e34bf802c81b8e7c42f489d86dbb588501c2be854a57d6d01b2a

    SHA512

    ec9e08379992175f1511f0bcbcec53e1f10014d48f7b30f8e55cef657e35e69b9e99abfe965353a8f4d18847dcbfcdcd29d8a2d1690721b2eecb8b0616e6d365

    Download Submit