8ad72f187d2cde8b713d9e0be045fd3cec622bae6828c8e20a90102a0df9cd28

Analysis

max time kernel
118s
max time network
123s
platform
windows7_x64
resource
win7-20230712-en
resource tags

arch:x64arch:x86image:win7-20230712-enlocale:en-usos:windows7-x64system
submitted
21-08-2023 11:52

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

8ad72f187d2cde8b713d9e0be045fd3cec622bae6828c8e20a90102a0df9cd28.exe
Size

3.5MB
MD5

b2f83cd2b0728f2ae10ad913c43d0b37
SHA1

3040beb2d97806d39bc8f9ea6ace183dfdf4fa0a
SHA256

8ad72f187d2cde8b713d9e0be045fd3cec622bae6828c8e20a90102a0df9cd28
SHA512

8c82e12c0038390efc9471ea6e62643506f6e3926e7c53b73082ee3f3926ac060b87773f55123cbb6f18796e5a71ffb125680c931daeb21fa0eeff3d3b366235
SSDEEP

98304:wY7yzDH6SblQG5Vqldwjo6MbKiykqxTcfUWo2EZM2aLh7z/43860bk29ApDTVcdl:wNzDHpblb/6F6MbKiykqxYsWo2E22aLL

Score

10^/10

evasion

Malware Config

Signatures

Modifies visiblity of hidden/system files in Explorer 2 TTPs 1 IoCs

evasion

Hidden Files and Directories

T1564.001

Modify Registry

T1112

description	ioc	Process
Set value (int)	\REGISTRY\USER\S-1-5-21-722410544-1258951091-1992882075-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\ShowSuperHidden = "0"	8ad72f187d2cde8b713d9e0be045fd3cec622bae6828c8e20a90102a0df9cd28.exe

Suspicious use of SetWindowsHookEx 4 IoCs

pid	Process
2616	8ad72f187d2cde8b713d9e0be045fd3cec622bae6828c8e20a90102a0df9cd28.exe
2616	8ad72f187d2cde8b713d9e0be045fd3cec622bae6828c8e20a90102a0df9cd28.exe
2616	8ad72f187d2cde8b713d9e0be045fd3cec622bae6828c8e20a90102a0df9cd28.exe
2616	8ad72f187d2cde8b713d9e0be045fd3cec622bae6828c8e20a90102a0df9cd28.exe

C:\Users\Admin\AppData\Local\Temp\8ad72f187d2cde8b713d9e0be045fd3cec622bae6828c8e20a90102a0df9cd28.exe
"C:\Users\Admin\AppData\Local\Temp\8ad72f187d2cde8b713d9e0be045fd3cec622bae6828c8e20a90102a0df9cd28.exe"
1⤵
- Modifies visiblity of hidden/system files in Explorer
- Suspicious use of SetWindowsHookEx
PID:2616

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Hide Artifacts

T1564

Hidden Files and Directories

T1564.001

Modify Registry

T1112

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads