Overview

overview

7

Static

static

3

2c3a2058a8...JC.exe

windows7-x64

7

2c3a2058a8...JC.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    120s
  • max time network
    126s
  • platform
    windows7_x64
  • resource
    win7-20230712-en
  • resource tags

    arch:x64arch:x86image:win7-20230712-enlocale:en-usos:windows7-x64system
  • submitted
    14/07/2023, 16:15

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    2c3a2058a8b09cexeexe_JC.exe

  • Size

    268KB

  • MD5

    2c3a2058a8b09c9279c5950ed7edc565

  • SHA1

    63c4c800a302a863e8c4f2e8fb477d27ff6d868f

  • SHA256

    c53e5b66619fe1640853622c4421fc5cdbbbbb4d7c4efc93c9d18bc51294eb8f

  • SHA512

    4cb777a9cfe45bac3d68756d602fbb0467f4f308339b5248c9ace6970a35a91b83d822f247508218bab4dcf7ee276398bb85a5b634d5df9059e563cc2bb4aa7b

  • SSDEEP

    3072:lxUm75Fku3eKeJk21ZSJReOqlz+mErj+HyHnNVIPL/+ybbiGF+1u46Q7q303lU8O:fU8DkpP1oJ1qlzUWUNVIT/bbbIW09R

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 2 IoCs
  • Drops file in Program Files directory 2 IoCs
  • Suspicious use of SetWindowsHookEx 8 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2c3a2058a8b09cexeexe_JC.exe
    "C:\Users\Admin\AppData\Local\Temp\2c3a2058a8b09cexeexe_JC.exe"
    1⤵
    • Loads dropped DLL
    • Drops file in Program Files directory
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1712
    • C:\Program Files\Dutch\English.exe
      "C:\Program Files\Dutch\English.exe" "33201"
      2⤵
      • Executes dropped EXE
      • Suspicious use of SetWindowsHookEx
      PID:472

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Program Files\Dutch\English.exe
          Filesize

          268KB

          MD5

          ba84ab9f7c7fe2689e971a50421cd286

          SHA1

          cf1157ebd53b915bb4d2f917b4dbd6b095e5e4c4

          SHA256

          fb759f7f6c55b4f4382bc643906fbdef2ffb843ba07405a11c6d095aa1f947c6

          SHA512

          26996705de6e2a68a3dd89f37af9b06cd9e7a94ead267ace0bdf926dba6f0b48c2292d5a8e42a9be05659e94da2ea5f3df92fdf3a963ed362ec367265c8c521d

          Download Submit

        • C:\Program Files\Dutch\English.exe
          Filesize

          268KB

          MD5

          ba84ab9f7c7fe2689e971a50421cd286

          SHA1

          cf1157ebd53b915bb4d2f917b4dbd6b095e5e4c4

          SHA256

          fb759f7f6c55b4f4382bc643906fbdef2ffb843ba07405a11c6d095aa1f947c6

          SHA512

          26996705de6e2a68a3dd89f37af9b06cd9e7a94ead267ace0bdf926dba6f0b48c2292d5a8e42a9be05659e94da2ea5f3df92fdf3a963ed362ec367265c8c521d

          Download Submit

        • \Program Files\Dutch\English.exe
          Filesize

          268KB

          MD5

          ba84ab9f7c7fe2689e971a50421cd286

          SHA1

          cf1157ebd53b915bb4d2f917b4dbd6b095e5e4c4

          SHA256

          fb759f7f6c55b4f4382bc643906fbdef2ffb843ba07405a11c6d095aa1f947c6

          SHA512

          26996705de6e2a68a3dd89f37af9b06cd9e7a94ead267ace0bdf926dba6f0b48c2292d5a8e42a9be05659e94da2ea5f3df92fdf3a963ed362ec367265c8c521d

          Download Submit

        • \Program Files\Dutch\English.exe
          Filesize

          268KB

          MD5

          ba84ab9f7c7fe2689e971a50421cd286

          SHA1

          cf1157ebd53b915bb4d2f917b4dbd6b095e5e4c4

          SHA256

          fb759f7f6c55b4f4382bc643906fbdef2ffb843ba07405a11c6d095aa1f947c6

          SHA512

          26996705de6e2a68a3dd89f37af9b06cd9e7a94ead267ace0bdf926dba6f0b48c2292d5a8e42a9be05659e94da2ea5f3df92fdf3a963ed362ec367265c8c521d

          Download Submit