Overview

overview

7

Static

static

3

NA_NA_123d...JC.exe

windows7-x64

7

NA_NA_123d...JC.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    119s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20230712-en
  • resource tags

    arch:x64arch:x86image:win7-20230712-enlocale:en-usos:windows7-x64system
  • submitted
    23-07-2023 15:56

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    NA_NA_123d9873989f98exeexe_JC.exe

  • Size

    409KB

  • MD5

    123d9873989f98eb317693a5f98e5295

  • SHA1

    2f62104fbc6d1360077bf6c0998c718a96967d00

  • SHA256

    90f8a7d59a197b8737a608dc217e0841c221753e645375b4d69cdbea8ec08aed

  • SHA512

    3639af60d6b0108ce96e9165218a71f2fca83312804ce6239edac039eb4a52c6516eaf5b46df574bca0f80083a6da7ccad9f98a19bb698bef91898ed55418324

  • SSDEEP

    12288:AplrVbDdQaqdS/ofraFErH8uB2Wm0SXsNr5FU:cxRQ+Fucuvm0as

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 2 IoCs
  • Drops file in Program Files directory 1 IoCs
  • Suspicious use of SetWindowsHookEx 8 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\NA_NA_123d9873989f98exeexe_JC.exe
    "C:\Users\Admin\AppData\Local\Temp\NA_NA_123d9873989f98exeexe_JC.exe"
    1⤵
    • Loads dropped DLL
    • Drops file in Program Files directory
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2100
    • C:\Program Files\within\Documentation.exe
      "C:\Program Files\within\Documentation.exe" "33201"
      2⤵
      • Executes dropped EXE
      • Suspicious use of SetWindowsHookEx
      PID:2480

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Program Files\within\Documentation.exe
    Filesize

    409KB

    MD5

    9b97670aa8bae29eba010ec02fd6e019

    SHA1

    47cc645b176183cce0f87d1236bae8825d5cde80

    SHA256

    b5834976dd51166123d484ec180c41e683df6faa1e92f1544efb4898d9621473

    SHA512

    e2bca5c8278c7880896a830a1a9349dd78ffd6ba12e7ab6c073db7f1c37528d94c53e3b64013c7a701ce859857284a914c79dbb1bc21ed9c9ff8fb98fae644bc

    Download Submit

  • C:\Program Files\within\Documentation.exe
    Filesize

    409KB

    MD5

    9b97670aa8bae29eba010ec02fd6e019

    SHA1

    47cc645b176183cce0f87d1236bae8825d5cde80

    SHA256

    b5834976dd51166123d484ec180c41e683df6faa1e92f1544efb4898d9621473

    SHA512

    e2bca5c8278c7880896a830a1a9349dd78ffd6ba12e7ab6c073db7f1c37528d94c53e3b64013c7a701ce859857284a914c79dbb1bc21ed9c9ff8fb98fae644bc

    Download Submit

  • \Program Files\within\Documentation.exe
    Filesize

    409KB

    MD5

    9b97670aa8bae29eba010ec02fd6e019

    SHA1

    47cc645b176183cce0f87d1236bae8825d5cde80

    SHA256

    b5834976dd51166123d484ec180c41e683df6faa1e92f1544efb4898d9621473

    SHA512

    e2bca5c8278c7880896a830a1a9349dd78ffd6ba12e7ab6c073db7f1c37528d94c53e3b64013c7a701ce859857284a914c79dbb1bc21ed9c9ff8fb98fae644bc

    Download Submit

  • \Program Files\within\Documentation.exe
    Filesize

    409KB

    MD5

    9b97670aa8bae29eba010ec02fd6e019

    SHA1

    47cc645b176183cce0f87d1236bae8825d5cde80

    SHA256

    b5834976dd51166123d484ec180c41e683df6faa1e92f1544efb4898d9621473

    SHA512

    e2bca5c8278c7880896a830a1a9349dd78ffd6ba12e7ab6c073db7f1c37528d94c53e3b64013c7a701ce859857284a914c79dbb1bc21ed9c9ff8fb98fae644bc

    Download Submit