Overview

overview

5

Static

static

3

971267bb12...d0.exe

windows7-x64

1

971267bb12...d0.exe

windows10-2004-x64

5

Analysis

  • max time kernel
    138s
  • max time network
    155s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230824-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230824-enlocale:en-usos:windows10-2004-x64system
  • submitted
    28/08/2023, 06:10

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    971267bb12996f478c47dbdb8204a8836b48318ec4e3b0ab3a2483085a2041d0.exe

  • Size

    3.9MB

  • MD5

    7500f19ad7517606c282cf6356ebb5f8

  • SHA1

    1e225b56c1e3e6b760dcdba127c636717d22a54e

  • SHA256

    971267bb12996f478c47dbdb8204a8836b48318ec4e3b0ab3a2483085a2041d0

  • SHA512

    614275c36a6f70a132c2805bc3bd8588e4af1b783c544c3447121362d88a98ccaddc00f19bce5c9cc1dc9cac58afc806e208c180454d28faaf7f1f24eae29ee2

  • SSDEEP

    98304:wU0+KZY9gRlCRGIRkWOLDUs0L8PvzCo0:YZY9lvR+H/0L8Pv2

Score
5/10

Malware Config

Signatures

  • Drops file in System32 directory 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Windows\System32\svchost.exe
    C:\Windows\System32\svchost.exe -k netsvcs -p
    1⤵
    • Drops file in System32 directory
    PID:4736
  • C:\Users\Admin\AppData\Local\Temp\971267bb12996f478c47dbdb8204a8836b48318ec4e3b0ab3a2483085a2041d0.exe
    "C:\Users\Admin\AppData\Local\Temp\971267bb12996f478c47dbdb8204a8836b48318ec4e3b0ab3a2483085a2041d0.exe"
    1⤵
    • Suspicious use of SetWindowsHookEx
    PID:4968

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads