8aa99be95e26ffcfa8bb9fa38ad0286799d2c9eab552cfe1fc21fe07d02297de

Analysis

max time kernel
148s
max time network
40s
platform
windows7_x64
resource
win7-20230831-en
resource tags

arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
submitted
11/10/2023, 15:53

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

8aa99be95e26ffcfa8bb9fa38ad0286799d2c9eab552cfe1fc21fe07d02297de.exe
Size

951KB
MD5

9a4b46d6af32b1585320d0a4a5b6a9f6
SHA1

15e2d9e47eabe14e0bf67dd915c6a8bd7a51f351
SHA256

8aa99be95e26ffcfa8bb9fa38ad0286799d2c9eab552cfe1fc21fe07d02297de
SHA512

27cd78b09603ce450a3f7293bfdf77e0a5bad9f1fe135e46e692600dfe33bf20336a32b63b7efbebf231b4827b7eb4d37e89499e8c768b6801ecec727f70cd96
SSDEEP

12288:2yWDCqY7nEcEC0GvY83o4pPtF4CduAkgDX0uG64H9wKY1jTaUYPF6mVH:6DbYAcERqbVbgAEuBE9N/F6mB

Score

1^/10

Malware Config

Signatures

Modifies Internet Explorer settings 1 TTPs 1 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-2180306848-1874213455-4093218721-1000\Software\Microsoft\Internet Explorer\Main	8aa99be95e26ffcfa8bb9fa38ad0286799d2c9eab552cfe1fc21fe07d02297de.exe

Suspicious use of SetWindowsHookEx 2 IoCs

pid	Process
2112	8aa99be95e26ffcfa8bb9fa38ad0286799d2c9eab552cfe1fc21fe07d02297de.exe
2112	8aa99be95e26ffcfa8bb9fa38ad0286799d2c9eab552cfe1fc21fe07d02297de.exe

C:\Users\Admin\AppData\Local\Temp\8aa99be95e26ffcfa8bb9fa38ad0286799d2c9eab552cfe1fc21fe07d02297de.exe
"C:\Users\Admin\AppData\Local\Temp\8aa99be95e26ffcfa8bb9fa38ad0286799d2c9eab552cfe1fc21fe07d02297de.exe"
1⤵
- Modifies Internet Explorer settings
- Suspicious use of SetWindowsHookEx
PID:2112

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

memory/2112-0-0x0000000000230000-0x0000000000231000-memory.dmp

Filesize
4KB

Download
memory/2112-31-0x0000000000400000-0x00000000004F4000-memory.dmp

Filesize
976KB

Download
memory/2112-32-0x0000000000230000-0x0000000000231000-memory.dmp

Filesize
4KB

Download