Overview

overview

3

Static

static

3

efeeb5e8ec...19.exe

windows7-x64

3

efeeb5e8ec...19.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    150s
  • max time network
    157s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230915-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230915-enlocale:en-usos:windows10-2004-x64system
  • submitted
    08/10/2023, 21:59

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    efeeb5e8ec765f7c201b4b119f769bf16120e16bb62df7f754b34e2e2e98b619.exe

  • Size

    5.1MB

  • MD5

    9b83cceb7e2ad5c521812d49ef712b1a

  • SHA1

    7e80d3293e6b0b5eb4728f146096157079349606

  • SHA256

    efeeb5e8ec765f7c201b4b119f769bf16120e16bb62df7f754b34e2e2e98b619

  • SHA512

    012f8fb40ef21ce66e557806b2d0de31d4fa849172c8ab70b9e7c03763e2f4ae27d73dd0bfbe7250f0be9e8edb5d899d6c7dad3596eac01b6edb2e6b6ff4c12b

  • SSDEEP

    98304:7AGcu1ya1xAJ9y5xPSbH6ZN9RViAzccl1ZXxmH5JBAUZL8:7r845RSbQVidcl1hxCJVQ

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: EnumeratesProcesses 64 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs
  • Suspicious use of SetWindowsHookEx 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\efeeb5e8ec765f7c201b4b119f769bf16120e16bb62df7f754b34e2e2e98b619.exe
    "C:\Users\Admin\AppData\Local\Temp\efeeb5e8ec765f7c201b4b119f769bf16120e16bb62df7f754b34e2e2e98b619.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of SetWindowsHookEx
    PID:4280
  • C:\Windows\system32\rundll32.exe
    "C:\Windows\system32\rundll32.exe" "C:\Windows\SYSTEM32\EDGEHTML.dll",#141 Microsoft.VCLibs.140.00_8wekyb3d8bbwe
    1⤵
      PID:1788
    • C:\Windows\System32\svchost.exe
      C:\Windows\System32\svchost.exe -k UnistackSvcGroup
      1⤵
      • Suspicious use of AdjustPrivilegeToken
      PID:3640

    Network

          MITRE ATT&CK Matrix

          Replay Monitor

          Loading Replay Monitor...

          Downloads

          • C:\Users\Admin\AppData\Local\Comms\UnistoreDB\store.jfm
            Filesize

            16KB

            MD5

            6a02c7b339b90944150bf16ec7927d56

            SHA1

            2ea2150521e1a501709c0b2f7af53fecbd5d2735

            SHA256

            f7910400e9e26137b1c8e94452ffe79965539b36948c51d26294edba5b234b13

            SHA512

            0820502cdb307f3ed865f050e8587b188adb837b65705dfeb557b759ca0fc203a78eadeb39380a731cf5784e5f93f0817fe7f347ccd505609851ae92d6b95a99

            Download Submit

          • memory/3640-49-0x00000269DEB60000-0x00000269DEB61000-memory.dmp

            Filesize

            4KB

            Download

          • memory/3640-51-0x00000269DEB60000-0x00000269DEB61000-memory.dmp

            Filesize

            4KB

            Download

          • memory/3640-42-0x00000269DEB60000-0x00000269DEB61000-memory.dmp

            Filesize

            4KB

            Download

          • memory/3640-43-0x00000269DEB60000-0x00000269DEB61000-memory.dmp

            Filesize

            4KB

            Download

          • memory/3640-44-0x00000269DEB60000-0x00000269DEB61000-memory.dmp

            Filesize

            4KB

            Download

          • memory/3640-45-0x00000269DEB60000-0x00000269DEB61000-memory.dmp

            Filesize

            4KB

            Download

          • memory/3640-46-0x00000269DEB60000-0x00000269DEB61000-memory.dmp

            Filesize

            4KB

            Download

          • memory/3640-47-0x00000269DEB60000-0x00000269DEB61000-memory.dmp

            Filesize

            4KB

            Download

          • memory/3640-48-0x00000269DEB60000-0x00000269DEB61000-memory.dmp

            Filesize

            4KB

            Download

          • memory/3640-52-0x00000269DE780000-0x00000269DE781000-memory.dmp

            Filesize

            4KB

            Download

          • memory/3640-41-0x00000269DEB30000-0x00000269DEB31000-memory.dmp

            Filesize

            4KB

            Download

          • memory/3640-50-0x00000269DEB60000-0x00000269DEB61000-memory.dmp

            Filesize

            4KB

            Download

          • memory/3640-9-0x00000269D6440000-0x00000269D6450000-memory.dmp

            Filesize

            64KB

            Download

          • memory/3640-53-0x00000269DE770000-0x00000269DE771000-memory.dmp

            Filesize

            4KB

            Download

          • memory/3640-55-0x00000269DE780000-0x00000269DE781000-memory.dmp

            Filesize

            4KB

            Download

          • memory/3640-58-0x00000269DE770000-0x00000269DE771000-memory.dmp

            Filesize

            4KB

            Download

          • memory/3640-61-0x00000269DE6B0000-0x00000269DE6B1000-memory.dmp

            Filesize

            4KB

            Download

          • memory/3640-25-0x00000269D6540000-0x00000269D6550000-memory.dmp

            Filesize

            64KB

            Download

          • memory/3640-73-0x00000269DE8B0000-0x00000269DE8B1000-memory.dmp

            Filesize

            4KB

            Download

          • memory/3640-75-0x00000269DE8C0000-0x00000269DE8C1000-memory.dmp

            Filesize

            4KB

            Download

          • memory/3640-76-0x00000269DE8C0000-0x00000269DE8C1000-memory.dmp

            Filesize

            4KB

            Download

          • memory/3640-77-0x00000269DE9D0000-0x00000269DE9D1000-memory.dmp

            Filesize

            4KB

            Download