Overview

overview

7

Static

static

3

7a7b5aa46b488e_JC.exe

windows7-x64

7

7a7b5aa46b488e_JC.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    143s
  • max time network
    152s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230703-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230703-enlocale:en-usos:windows10-2004-x64system
  • submitted
    16/07/2023, 16:59

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    7a7b5aa46b488e_JC.exe

  • Size

    408KB

  • MD5

    7a7b5aa46b488e53283949bbce922d06

  • SHA1

    3a316cb81d2373f98b0829a6b15f232e0824e92a

  • SHA256

    fdc0e6b3078ce4346a212f4d090d52e7c68bdccd5bfb98ba1e4bda2db29eb55a

  • SHA512

    914dc39255a1bbf6d1617cda33a464c09b5d46e5dd7cb7368becb93e15ccdb29ffe12f10103d7db6c2a0c3d170aa498a29926166ecec3dfbe10ffbac02f42cc1

  • SSDEEP

    12288:gplrVbDdQaqdS/ofraFErH8uB2Wm0SXsNr5FU:8xRQ+Fucuvm0as

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Drops file in Program Files directory 1 IoCs
  • Suspicious use of SetWindowsHookEx 8 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\7a7b5aa46b488e_JC.exe
    "C:\Users\Admin\AppData\Local\Temp\7a7b5aa46b488e_JC.exe"
    1⤵
    • Drops file in Program Files directory
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1008
    • C:\Program Files\Synthesis\Composition.exe
      "C:\Program Files\Synthesis\Composition.exe" "33201"
      2⤵
      • Executes dropped EXE
      • Suspicious use of SetWindowsHookEx
      PID:4404

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Program Files\Synthesis\Composition.exe
          Filesize

          408KB

          MD5

          f47280728322794dc9c9bfdb2f8314c4

          SHA1

          e3104cadd2136a87ef3a1d3d495278143d3b9a00

          SHA256

          2e0b7ee2f38bd8a3380bb9c4ea5baa501a0f9713a3a47d896bba55bade27bf90

          SHA512

          ee4bcbf01649d7fc66d96db0d1a9ed904eef2413dd4ed2101008d8aacbd162dbb22782ac7b333dacfac7178da0771ecf3c6194336092a75e696b7714584c6389

          Download Submit

        • C:\Program Files\Synthesis\Composition.exe
          Filesize

          408KB

          MD5

          f47280728322794dc9c9bfdb2f8314c4

          SHA1

          e3104cadd2136a87ef3a1d3d495278143d3b9a00

          SHA256

          2e0b7ee2f38bd8a3380bb9c4ea5baa501a0f9713a3a47d896bba55bade27bf90

          SHA512

          ee4bcbf01649d7fc66d96db0d1a9ed904eef2413dd4ed2101008d8aacbd162dbb22782ac7b333dacfac7178da0771ecf3c6194336092a75e696b7714584c6389

          Download Submit