Analysis
Max time kernel: 475s
Max time network: 539s
Platform: windows10-2004_x64
Resource: win10v2004-20230703-en
Resource tags: arch:x64, arch:x86, image:win10v2004-20230703-en, locale:en-us, os:windows10-2004-x64, system
Submitted: 25-07-2023 12:37
Static task: static1
Behavioral task: behavioral1
Sample: helper_web_ui.exe
Resource: win10v2004-20230703-en (windows10-2004-x64)
2 signatures
150 seconds
General
Target: helper_web_ui.exe
Size: 5.0MB
MD5: 9c007b9613e66049b29fe4061ae92b64
SHA1: fdd3add899f870e21adfc37f7875c3a5d74d8ddf
SHA256: 2b816a4b0067dfb42956a7f0c31529a14f8b5e9670719c33e9a7fdd964fa08f5
SHA512: 52287e1071ee283ae93b25da3c22f1fe032860226f0a3cc4c172426f39d922bd93a94df9d9cc0dc6999031d6d032518e9af6be0be3e6efc943b7043b40cfde75
SSDEEP: 98304:j4xqHQC5R/aH+3jT9fPxNG3WK3zLHYb7SQb1b9SGbwtA6qFOU9JfmEMOaOiOOklE:0xqwC//C+3jJPS3N334Hb1UGbwy6qF2L
Score: 5/10
Malware Config
Signatures
Drops file in System32 directory (1 IoC)
Processes: svchost.exe
  Description: File created
  IoC: C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\InstallService\{23E58BE3-05DE-48B9-8CA8-65343076ABBB}.catalogItem
  Process: svchost.exe
Suspicious use of SetWindowsHookEx (2 IoCs)
Processes: helper_web_ui.exe
  PID: 3792, Process: helper_web_ui.exe
  PID: 3792, Process: helper_web_ui.exe