Analysis

  • max time kernel
    140s
  • max time network
    148s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230915-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20230915-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    12-10-2023 17:04

General

  • Target

    f3ee069750937452f6236ecf1df7f95e0e6fdbafb46241e18e9e6dda1e85ce8c.exe

  • Size

    4.0MB

  • MD5

    0dba24a7d5da6fa263cf9232abe1af0c

  • SHA1

    6a83f32cbd548d1887bb3fdfeac7523c01870c9e

  • SHA256

    f3ee069750937452f6236ecf1df7f95e0e6fdbafb46241e18e9e6dda1e85ce8c

  • SHA512

    24e483df0262f8062c1c9d08e00224802f306e725ffaa317b27bec1c1dfd9545abbac996f5f9d88759dda2425171a7a5b96f66f9547cc76324070330dc3f33e4

  • SSDEEP

    98304:m4ZeadDOJ/GxRBViRlWgWsZuJn7DH0r1c:mWDLBViRlWrJJvH0r

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 1 IoCs
  • Suspicious use of SetWindowsHookEx 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\f3ee069750937452f6236ecf1df7f95e0e6fdbafb46241e18e9e6dda1e85ce8c.exe
    "C:\Users\Admin\AppData\Local\Temp\f3ee069750937452f6236ecf1df7f95e0e6fdbafb46241e18e9e6dda1e85ce8c.exe"
    • Loads dropped DLL
    • Suspicious use of SetWindowsHookEx
    PID:5084

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Local\Temp\HPSocket4C_.dll

    Filesize

    2.8MB

    MD5

    1cf6b966365f29d060154fa5eb5c7f72

    SHA1

    bb110d37a96878c8c024a450d0b09cc28ef03cf0

    SHA256

    0e11b955048104466ed8d86db346628c1b30118ae116fa0428b0c34f486d8cf3

    SHA512

    6bc266813f4518f1b5e958c047972072d6d43996add9587b3c3b7ac64e2406784a2240cc9b815f29208b9b3ef77e0b647a1201ef39aab10eb3bec297294d2dad

  • memory/5084-0-0x0000000002690000-0x00000000026B0000-memory.dmp

    Filesize

    128KB

  • memory/5084-1-0x0000000010000000-0x0000000010059000-memory.dmp

    Filesize

    356KB

  • memory/5084-7-0x0000000002800000-0x0000000002801000-memory.dmp

    Filesize

    4KB