Overview

overview

7

Static

static

3

2ebfcb44c7...JC.exe

windows7-x64

7

2ebfcb44c7...JC.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    119s
  • max time network
    123s
  • platform
    windows7_x64
  • resource
    win7-20230712-en
  • resource tags

    arch:x64arch:x86image:win7-20230712-enlocale:en-usos:windows7-x64system
  • submitted
    14/07/2023, 16:45

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    2ebfcb44c7d148exeexe_JC.exe

  • Size

    408KB

  • MD5

    2ebfcb44c7d148a8407e153c8d635d29

  • SHA1

    36903d1a19d93760ff81bbde1a335ce4ee9b0110

  • SHA256

    6922b7216ff28d5f6f42f2cb09e0a15c29fc332dbad31d303d282786f9a5e81b

  • SHA512

    77df9f734059b70b21b9179122adcda7d3603682e9e07562b0a8360db3d46285895a8b0f9f722f9794eaac0e34f6c0893b225c2c73adcb2f30f7cbaf08e41bc3

  • SSDEEP

    12288:5plrVbDdQaqdS/ofraFErH8uB2Wm0SXsNr5FU:7xRQ+Fucuvm0as

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 2 IoCs
  • Drops file in Program Files directory 1 IoCs
  • Suspicious use of SetWindowsHookEx 8 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2ebfcb44c7d148exeexe_JC.exe
    "C:\Users\Admin\AppData\Local\Temp\2ebfcb44c7d148exeexe_JC.exe"
    1⤵
    • Loads dropped DLL
    • Drops file in Program Files directory
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2556
    • C:\Program Files\customer\component.exe
      "C:\Program Files\customer\component.exe" "33201"
      2⤵
      • Executes dropped EXE
      • Suspicious use of SetWindowsHookEx
      PID:1172

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Program Files\customer\component.exe
          Filesize

          409KB

          MD5

          1089b829ad7f59152da3ee19b7d478ee

          SHA1

          659e38f78ff504642ee0c6b534e1a4cb1614b8a9

          SHA256

          022227ef5bdeadc279433df595d4810c81b65adbb11d2181669901a8b6676ea2

          SHA512

          605981a642645b36ab10aa7f7c192664cb204bc61b9e4a1639d4ade19482641af19f39cc4d65efcc9b0c03348642ef6c8fc81aa3c7ae9d5aeb3052caa1dbd204

          Download Submit

        • C:\Program Files\customer\component.exe
          Filesize

          409KB

          MD5

          1089b829ad7f59152da3ee19b7d478ee

          SHA1

          659e38f78ff504642ee0c6b534e1a4cb1614b8a9

          SHA256

          022227ef5bdeadc279433df595d4810c81b65adbb11d2181669901a8b6676ea2

          SHA512

          605981a642645b36ab10aa7f7c192664cb204bc61b9e4a1639d4ade19482641af19f39cc4d65efcc9b0c03348642ef6c8fc81aa3c7ae9d5aeb3052caa1dbd204

          Download Submit

        • \Program Files\customer\component.exe
          Filesize

          409KB

          MD5

          1089b829ad7f59152da3ee19b7d478ee

          SHA1

          659e38f78ff504642ee0c6b534e1a4cb1614b8a9

          SHA256

          022227ef5bdeadc279433df595d4810c81b65adbb11d2181669901a8b6676ea2

          SHA512

          605981a642645b36ab10aa7f7c192664cb204bc61b9e4a1639d4ade19482641af19f39cc4d65efcc9b0c03348642ef6c8fc81aa3c7ae9d5aeb3052caa1dbd204

          Download Submit

        • \Program Files\customer\component.exe
          Filesize

          409KB

          MD5

          1089b829ad7f59152da3ee19b7d478ee

          SHA1

          659e38f78ff504642ee0c6b534e1a4cb1614b8a9

          SHA256

          022227ef5bdeadc279433df595d4810c81b65adbb11d2181669901a8b6676ea2

          SHA512

          605981a642645b36ab10aa7f7c192664cb204bc61b9e4a1639d4ade19482641af19f39cc4d65efcc9b0c03348642ef6c8fc81aa3c7ae9d5aeb3052caa1dbd204

          Download Submit