Analysis

  • max time kernel
    146s
  • max time network
    154s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230915-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20230915-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    12-10-2023 02:36

General

  • Target

    3ee9278f259f40712d6c04391528e6f1c10df520e34c8320168f1874e98fee5e.exe

  • Size

    652KB

  • MD5

    39c0b9d30a74a549ab3ab72cf2036283

  • SHA1

    2501e947f36eaf4477dc0e265e173589bcf54803

  • SHA256

    3ee9278f259f40712d6c04391528e6f1c10df520e34c8320168f1874e98fee5e

  • SHA512

    2466fcd7f7156371dc19fa287536a693a5c4fc66aa856868ab7310e9d7758fd3e8226c0d53cb8074bdd0c5ad36bf1bd52a529c82eb5bb0ae6b89d8c08b8f1b9e

  • SSDEEP

    12288:u5Z7Z62YrSk2PDIUITnW6z6yMazIowLE:gZ702Ymk2mTW/yxzIo

Score
1/10

Malware Config

Signatures

  • Suspicious use of SetWindowsHookEx (2 IoCs)
  • Suspicious use of WriteProcessMemory (3 IoCs)

Processes

  • C:\Users\Admin\AppData\Local\Temp\3ee9278f259f40712d6c04391528e6f1c10df520e34c8320168f1874e98fee5e.exe
    "C:\Users\Admin\AppData\Local\Temp\3ee9278f259f40712d6c04391528e6f1c10df520e34c8320168f1874e98fee5e.exe"
    1⤵
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:3104
    • C:\Windows\SysWOW64\cmd.exe
      C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\start_http.bat
      2⤵
        PID:4480

    Network

    MITRE ATT&CK Matrix

    Downloads

    • C:\Users\Admin\AppData\Local\Temp\start_http.bat

      Filesize

      665B

      MD5

      fafc085fbbce52bdd25d4044ce223cf2

      SHA1

      25749d37399de0cea65a5c6f012e989b1d3503a7

      SHA256

      6bc3961cac8288af0c4bc079fd68b4bd722a2ee1d9796b06716f0c570575781c

      SHA512

      affb6d3083783fb9ad22455d1920e29e30da37f9a801a02173180a789622c7b2e569dbd796ee071ba00d1fe12babf1e11e52c64b93d6f03beed7baaba329a1af