691308f506bb3f310cce18be45eb494e02315480ac38c93bc254fcf5aba14fd5

Analysis

max time kernel
118s
max time network
122s
platform
windows7_x64
resource
win7-20230831-en
resource tags

arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
submitted
07/10/2023, 07:31

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

691308f506bb3f310cce18be45eb494e02315480ac38c93bc254fcf5aba14fd5.exe
Size

6.2MB
MD5

6ed27730c71aa73c99d39c36a8addbb9
SHA1

09cda2edda8c5bf146c88d96ec815f6643c8e833
SHA256

691308f506bb3f310cce18be45eb494e02315480ac38c93bc254fcf5aba14fd5
SHA512

0d661df229236df2684596bbb61fca060adbcbd5afc8030b620b39cf25cb3ae4d577793f81430e9c69aea16430546ac4e39408e8acf718d7788544c87c3939fa
SSDEEP

98304:4J//f5xIDPCEO5EMR2WIaNPW2Bky/fWPnYmUyLh/S2yw7jRewbKPXBRBv:4BYDcoWbNNBkM+nYNy5j3RewbKPXBzv

Score

7^/10

Malware Config

Signatures

Loads dropped DLL 1 IoCs

pid	Process
1424	691308f506bb3f310cce18be45eb494e02315480ac38c93bc254fcf5aba14fd5.exe

Suspicious use of SetWindowsHookEx 2 IoCs

pid	Process
1424	691308f506bb3f310cce18be45eb494e02315480ac38c93bc254fcf5aba14fd5.exe
1424	691308f506bb3f310cce18be45eb494e02315480ac38c93bc254fcf5aba14fd5.exe

C:\Users\Admin\AppData\Local\Temp\691308f506bb3f310cce18be45eb494e02315480ac38c93bc254fcf5aba14fd5.exe
"C:\Users\Admin\AppData\Local\Temp\691308f506bb3f310cce18be45eb494e02315480ac38c93bc254fcf5aba14fd5.exe"
1⤵
- Loads dropped DLL
- Suspicious use of SetWindowsHookEx
PID:1424

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

\Users\Admin\AppData\Local\Temp\E2EECore.2.8.15.dll

Filesize
10.1MB

MD5
2fdd7abd6b8e3fd9ba425405d88d3340

SHA1
4291099d2a18b41a1b1e5fcc3c71bf256cc97ed2

SHA256
5ea3a1f359bdfd143c1df71430fb531af8430a0c33080d4907c135c35134b871

SHA512
14f78ef5e272cc1b5e53aad8ab27fc66112adfc1dd40ef98a743ad8b052601a9b6006f5e0e77c4a652bc19a08cb6e8fb66275761619677635693378a3ea54805

Download Submit
memory/1424-13-0x0000000000400000-0x000000000168D000-memory.dmp

Filesize
18.6MB

Download
memory/1424-2-0x0000000000230000-0x0000000000231000-memory.dmp

Filesize
4KB

Download
memory/1424-3-0x00000000002F0000-0x0000000000314000-memory.dmp

Filesize
144KB

Download
memory/1424-4-0x00000000032D0000-0x00000000033E0000-memory.dmp

Filesize
1.1MB

Download
memory/1424-6-0x0000000003150000-0x00000000032D0000-memory.dmp

Filesize
1.5MB

Download
memory/1424-5-0x0000000000400000-0x000000000168D000-memory.dmp

Filesize
18.6MB

Download
memory/1424-7-0x0000000000400000-0x000000000168D000-memory.dmp

Filesize
18.6MB

Download
memory/1424-9-0x0000000000400000-0x000000000168D000-memory.dmp

Filesize
18.6MB

Download
memory/1424-0-0x0000000000400000-0x000000000168D000-memory.dmp

Filesize
18.6MB

Download
memory/1424-11-0x0000000000400000-0x000000000168D000-memory.dmp

Filesize
18.6MB

Download
memory/1424-16-0x0000000001690000-0x0000000001720000-memory.dmp

Filesize
576KB

Download
memory/1424-15-0x00000000033E0000-0x00000000034E0000-memory.dmp

Filesize
1024KB

Download
memory/1424-14-0x0000000000400000-0x000000000168D000-memory.dmp

Filesize
18.6MB

Download
memory/1424-1-0x00000000002F0000-0x0000000000314000-memory.dmp

Filesize
144KB

Download
memory/1424-21-0x0000000000400000-0x000000000168D000-memory.dmp

Filesize
18.6MB

Download
memory/1424-22-0x00000000002F0000-0x0000000000314000-memory.dmp

Filesize
144KB

Download
memory/1424-24-0x0000000000250000-0x0000000000255000-memory.dmp

Filesize
20KB

Download
memory/1424-23-0x0000000000260000-0x0000000000263000-memory.dmp

Filesize
12KB

Download
memory/1424-27-0x00000000002F0000-0x0000000000314000-memory.dmp

Filesize
144KB

Download
memory/1424-28-0x0000000000400000-0x000000000168D000-memory.dmp

Filesize
18.6MB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads