Overview

overview

3

Static

static

1

87a84b3c06...70.exe

windows7-x64

1

87a84b3c06...70.exe

windows10-2004-x64

3

Analysis

  • max time kernel
    157s
  • max time network
    156s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • resource tags

    arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
  • submitted
    12/10/2023, 08:50

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    87a84b3c067e8f91e9d40dfd9271f007cbd2b23d46881ad85623a418fc7ed470.exe

  • Size

    1.3MB

  • MD5

    d35fd3d3358aef896a156e3e6e5d84cd

  • SHA1

    e8b14b7e8fe33099300601efdf69d74a30b1dc95

  • SHA256

    87a84b3c067e8f91e9d40dfd9271f007cbd2b23d46881ad85623a418fc7ed470

  • SHA512

    522de285c5d3eb441d7a8bceeb041163a8a6e5f258cba4f409ee5c13edc274846a3ee016065f30cc52867e2eb51559ed63cfdb9cf8b2e5a7d6d5d71dd784df32

  • SSDEEP

    24576:UcvaDKBaZSeA/+RvgswfkNoKUCuO5az/rhPV52oE:U1Q2RgkNo7Fz/VPVG

Score
1/10

Malware Config

Signatures

  • Checks processor information in registry 2 TTPs 2 IoCs

    Processor information is often read in order to detect sandboxing environments.

  • Enumerates system info in registry 2 TTPs 3 IoCs
  • Suspicious use of AdjustPrivilegeToken 2 IoCs
  • Suspicious use of FindShellTrayWindow 3 IoCs
  • Suspicious use of SendNotifyMessage 3 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\87a84b3c067e8f91e9d40dfd9271f007cbd2b23d46881ad85623a418fc7ed470.exe
    "C:\Users\Admin\AppData\Local\Temp\87a84b3c067e8f91e9d40dfd9271f007cbd2b23d46881ad85623a418fc7ed470.exe"
    1⤵
    • Checks processor information in registry
    • Enumerates system info in registry
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of SetWindowsHookEx
    PID:1348

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\Jnns.Config
    Filesize

    2KB

    MD5

    d0b9d13c7751fcd660a4cb4df5ebb9df

    SHA1

    41663b96d611bcc5f261469a48cb3277596bb568

    SHA256

    5b04d02cf7b71a206874f5c204cea679e0cdef9f5d0f10e7e79bffb2b2f14d26

    SHA512

    ec9589e76afd82896e669f891bee3eeed4c56e37ab7ac8d04f41082e1ac2b0748a2c25bf5d1cd49c457105503e63d07846f71b66cf3147a01a809b27f53e5b56

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Jnns.Config
    Filesize

    166B

    MD5

    e8c998b3b3647ef3f9f5e53e15671f33

    SHA1

    35cc63f951b348af71b0d1303ec566c9e09fa327

    SHA256

    4592948bd6599d258f0d07ac21ca3e3483b6eec3eea4d1128ac3603a02545955

    SHA512

    4c81491be98f5124a86b69f66491a275d0382917df39954e1a194e56df29f51af12be4ea1ba85543669fb2d5a840d2fe9a77c029b056e91388dc371219b3280b

    Download Submit