Overview

overview

3

Static

static

3

Defender_Settings.vbs

windows7-x64

3

Defender_Settings.vbs

windows10-2004-x64

1

data/Templ...te.htm

windows7-x64

1

data/Templ...te.htm

windows10-2004-x64

1

install ap...on.exe

windows7-x64

3

install ap...on.exe

windows10-2004-x64

3

lic.exe

windows7-x64

3

lic.exe

windows10-2004-x64

3

Analysis

  • max time kernel
    144s
  • max time network
    140s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • resource tags

    arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
  • submitted
    11-10-2023 14:08

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    install application.exe

  • Size

    22.1MB

  • MD5

    fec87646e0a1d848639e0a358286d64f

  • SHA1

    0d32cc4683a42fb8f9d0f38da0999c1732d03999

  • SHA256

    d7359636d5d0e1803181022a39ac188ed7a5c939b4d27fa1ec80ddc0faf71e74

  • SHA512

    d0b339e6891f09f8a79a06a92b5e0a7f833a7b3ef6e9e61130916af425a5d7f96684a37271ddc913d0ea830889f9148c423cfa6f2b4f7850b51fc590fc574c19

  • SSDEEP

    196608:QuJMRi3E/purHOcc+fNyPmAlzw6EHDqC8NA:mK5t5jAc2C3

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\install application.exe
    "C:\Users\Admin\AppData\Local\Temp\install application.exe"
    1⤵
    • Suspicious use of SetWindowsHookEx
    PID:2228

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\data\program.PNG
    Filesize

    696KB

    MD5

    a3d4494188555fd642820346806fd1d8

    SHA1

    53a37fb21d1fdc91cdea14721eeecac83cc2825c

    SHA256

    ace20dad2b8ef82a5f8674afc8e9ca05f5f3f63efc798d66b43eb7124dc802ca

    SHA512

    a4265bf8fb50fbdb1b13b3d03126b2ec354cbd4c0ee9baa51911700e1be73753f549b1a8cdace269b674afaab04b03f545a2a383f3fd8a0b7898b8498a4a25e4

    Download Submit

  • memory/2228-0-0x0000000000240000-0x0000000000241000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2228-9-0x0000000000400000-0x0000000001A26000-memory.dmp

    Filesize

    22.1MB

    Download

  • memory/2228-10-0x0000000000240000-0x0000000000241000-memory.dmp

    Filesize

    4KB

    Download