Analysis

  • max time kernel
    141s
  • max time network
    125s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • resource tags

    arch:x64 arch:x86 image:win7-20230831-en locale:en-us os:windows7-x64 system
  • submitted
    07-10-2023 10:29

General

  • Target

    b5b7b500bc2eee0dc400c3e0cbfb47496740035aa8e032567e56e26984c5e1ce.exe

  • Size

    4.5MB

  • MD5

    d285055472036373d10de98c21bddcfe

  • SHA1

    4c6842c6fdb55e5ccff4cee9d609146531dce5e2

  • SHA256

    b5b7b500bc2eee0dc400c3e0cbfb47496740035aa8e032567e56e26984c5e1ce

  • SHA512

    6c15752a56c6135897d7ff384fe22a2d51b35cf90e40b6e3a4cedd79e4f5f153fae1ba4f918f5cc852dd62694eb2f5e4c9f47ba926e32d6a340234fa4e576621

  • SSDEEP

    98304:pB0jaHMO+a6xpqM5t2S4CI97lLP6KjRsBcxuE2I:sjaHJaeh97FPNzwE2I

Score
1/10

Malware Config

Signatures

  • Suspicious use of FindShellTrayWindow 19 IoCs
  • Suspicious use of SendNotifyMessage 19 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\b5b7b500bc2eee0dc400c3e0cbfb47496740035aa8e032567e56e26984c5e1ce.exe
    "C:\Users\Admin\AppData\Local\Temp\b5b7b500bc2eee0dc400c3e0cbfb47496740035aa8e032567e56e26984c5e1ce.exe"
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    PID:1200

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Local\nas.json

    Filesize

    22B

    MD5

    899f12c646edf12d06a497264f9a9a81

    SHA1

    58e0e1559507388cea3df91288cb772aafb2697f

    SHA256

    337ca9216e80d3d9c9887c2c9294bff41af573c1b91675b56c7259acd128bc38

    SHA512

    3f5f46dc6b8d4d09abe211dd555dedc5112d403a2fc879a773fb29bf07f2cf5f558f638c5c48ed504d821c1a4c7c5142bad13a059956a0e99a08ccb0f4d8e1ba

  • memory/1200-0-0x0000000000200000-0x0000000000201000-memory.dmp

    Filesize

    4KB

  • memory/1200-4-0x0000000000200000-0x0000000000201000-memory.dmp

    Filesize

    4KB