Overview

overview

3

Static

static

1

6df7ce51af...ce.exe

windows7-x64

1

6df7ce51af...ce.exe

windows10-2004-x64

3

Analysis

  • max time kernel
    134s
  • max time network
    123s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • resource tags

    arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
  • submitted
    01/09/2023, 20:21

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    6df7ce51af353eb6679f87bee0729319351d85aaf30e0fc7b446991d12d0face.exe

  • Size

    1.3MB

  • MD5

    a9137e257297a19e788f62784fcbe4d3

  • SHA1

    bccb8ee1e6de4f0ccf85159f0a08265fb1d88332

  • SHA256

    6df7ce51af353eb6679f87bee0729319351d85aaf30e0fc7b446991d12d0face

  • SHA512

    059a07e4e03531ffde036e2d9a70328592de1df36e6593ac626483e104c213cae2898aaf5a72421c8f7b783333f87b908ba7df291ee24e2dbe70110474ae59dc

  • SSDEEP

    24576:X0hzpOR8uLEaZylSfnjEoGV4OiV+5vox8z/rhPV5VGg:Xgo2iV8QWz/VPVp

Score
1/10

Malware Config

Signatures

  • Checks processor information in registry 2 TTPs 2 IoCs

    Processor information is often read in order to detect sandboxing environments.

  • Enumerates system info in registry 2 TTPs 3 IoCs
  • Suspicious use of AdjustPrivilegeToken 2 IoCs
  • Suspicious use of FindShellTrayWindow 3 IoCs
  • Suspicious use of SendNotifyMessage 3 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\6df7ce51af353eb6679f87bee0729319351d85aaf30e0fc7b446991d12d0face.exe
    "C:\Users\Admin\AppData\Local\Temp\6df7ce51af353eb6679f87bee0729319351d85aaf30e0fc7b446991d12d0face.exe"
    1⤵
    • Checks processor information in registry
    • Enumerates system info in registry
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of SetWindowsHookEx
    PID:2232

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\Jnns.Config
    Filesize

    2KB

    MD5

    b44dfa5ae18400536cab30a5041b30a1

    SHA1

    2ec7c42d36287030a9e41bbccc25f37d20e5eb03

    SHA256

    b3413595fdc2aac538c6da87b97b97d2f3270629db7a0563f6347bdb95a8264c

    SHA512

    0ca52ebe91929e34f168660e90fb9fc8c888af2320ec2d563b24e307e44486f645c34280a8b6a0ed37939074eaf33550f77d0c88143c816ec66f67c040d05695

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Jnns.Config
    Filesize

    2KB

    MD5

    b44dfa5ae18400536cab30a5041b30a1

    SHA1

    2ec7c42d36287030a9e41bbccc25f37d20e5eb03

    SHA256

    b3413595fdc2aac538c6da87b97b97d2f3270629db7a0563f6347bdb95a8264c

    SHA512

    0ca52ebe91929e34f168660e90fb9fc8c888af2320ec2d563b24e307e44486f645c34280a8b6a0ed37939074eaf33550f77d0c88143c816ec66f67c040d05695

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Jnns.Config
    Filesize

    1KB

    MD5

    3c3ff13d9b89b00ac73bc76bccd39e9a

    SHA1

    62a52b99813ed9365261030abaffad7500df80f9

    SHA256

    2cba444138b69292a1c2fb87c2e11fcdb5364c1ba13afa031f879bd58bbff26b

    SHA512

    7351c1ff651390e4bce49c10c91acc20996b43d0d3f6ebfad358381095a211c139c04a708a7f573d1681d10806cb794b4a5e21013c173b1aec0ce3cd2f408f4b

    Download Submit