Overview

overview

7

Static

static

3

2581bb5884...JC.exe

windows7-x64

7

2581bb5884...JC.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    120s
  • max time network
    124s
  • platform
    windows7_x64
  • resource
    win7-20230712-en
  • resource tags

    arch:x64arch:x86image:win7-20230712-enlocale:en-usos:windows7-x64system
  • submitted
    14/07/2023, 15:10

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    2581bb588428cdexeexe_JC.exe

  • Size

    373KB

  • MD5

    2581bb588428cd291eda4b350a39a0d7

  • SHA1

    9bdaa8fd909ce5ee1ac95cab7eb90992acf4498f

  • SHA256

    2dba09f972b062734d1c393e7115a330289f2f2543e36fd15c451af4c6433947

  • SHA512

    13dc1d531df3d818088a575e52b411389c05818a813af5af328fb2e3b8a8ec96bbc5108c447de4bc38dcf04a31a12f4fd59624f634ae0d22564936c35c5eeca9

  • SSDEEP

    6144:1plrlbbDdQaqd2X/96fr3KFEUGjr8uB2WgcA0cpXEVNrvGZ4FUqm6:1plrVbDdQaqdS/ofraFErH8uB2Wm0SXj

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 2 IoCs
  • Drops file in Program Files directory 1 IoCs
  • Suspicious use of SetWindowsHookEx 8 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2581bb588428cdexeexe_JC.exe
    "C:\Users\Admin\AppData\Local\Temp\2581bb588428cdexeexe_JC.exe"
    1⤵
    • Loads dropped DLL
    • Drops file in Program Files directory
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1140
    • C:\Program Files\Update\indicator.exe
      "C:\Program Files\Update\indicator.exe" "33201"
      2⤵
      • Executes dropped EXE
      • Suspicious use of SetWindowsHookEx
      PID:1076

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Program Files\Update\indicator.exe
          Filesize

          373KB

          MD5

          6bbcd5c24bbf14e42549b2d46bf57eb1

          SHA1

          914648f519d61c4bbadd344200c06f6793ffbd35

          SHA256

          3a5dd58cdfa6f65b2493b0ccef302b703c551d0710cc9f78e290c5fe0ed8e34a

          SHA512

          146426dfe7a73b7aad81f199d3be7d66ba86bddbac6230790a421fb54f5337be4ec70a4d5074dfb508937ead413b7ffdbaa4a8df0bbd76c2abb791ff0a195fff

          Download Submit

        • C:\Program Files\Update\indicator.exe
          Filesize

          373KB

          MD5

          6bbcd5c24bbf14e42549b2d46bf57eb1

          SHA1

          914648f519d61c4bbadd344200c06f6793ffbd35

          SHA256

          3a5dd58cdfa6f65b2493b0ccef302b703c551d0710cc9f78e290c5fe0ed8e34a

          SHA512

          146426dfe7a73b7aad81f199d3be7d66ba86bddbac6230790a421fb54f5337be4ec70a4d5074dfb508937ead413b7ffdbaa4a8df0bbd76c2abb791ff0a195fff

          Download Submit

        • \Program Files\Update\indicator.exe
          Filesize

          373KB

          MD5

          6bbcd5c24bbf14e42549b2d46bf57eb1

          SHA1

          914648f519d61c4bbadd344200c06f6793ffbd35

          SHA256

          3a5dd58cdfa6f65b2493b0ccef302b703c551d0710cc9f78e290c5fe0ed8e34a

          SHA512

          146426dfe7a73b7aad81f199d3be7d66ba86bddbac6230790a421fb54f5337be4ec70a4d5074dfb508937ead413b7ffdbaa4a8df0bbd76c2abb791ff0a195fff

          Download Submit

        • \Program Files\Update\indicator.exe
          Filesize

          373KB

          MD5

          6bbcd5c24bbf14e42549b2d46bf57eb1

          SHA1

          914648f519d61c4bbadd344200c06f6793ffbd35

          SHA256

          3a5dd58cdfa6f65b2493b0ccef302b703c551d0710cc9f78e290c5fe0ed8e34a

          SHA512

          146426dfe7a73b7aad81f199d3be7d66ba86bddbac6230790a421fb54f5337be4ec70a4d5074dfb508937ead413b7ffdbaa4a8df0bbd76c2abb791ff0a195fff

          Download Submit