Overview

overview

3

Static

static

3

551a404de8...47.exe

windows7-x64

3

551a404de8...47.exe

windows10-2004-x64

3

Analysis

  • max time kernel
    182s
  • max time network
    219s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230915-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230915-enlocale:en-usos:windows10-2004-x64system
  • submitted
    13/10/2023, 22:49

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    551a404de8adf5ae1ee1a6baea99107126bdd1074a509c4a8341a51444de1d47.exe

  • Size

    12.0MB

  • MD5

    a72e926d254aa841365b68b73ad638fe

  • SHA1

    3dcc8fdbdd5dc46bd0e24192307e0e7f7f0aa795

  • SHA256

    551a404de8adf5ae1ee1a6baea99107126bdd1074a509c4a8341a51444de1d47

  • SHA512

    e003a6eb2603fc538cc17d7e719cabb55cd634b81692bca7d71803846ed13ab6fdacbbc50f9a48d0c64d8191899ad2a25b947a4ae7f58601cc20c8e89b4ee2ba

  • SSDEEP

    196608:reCXMgAvGRER8eI4ufobW80Zm2cDcVtE9PvXUFsAtacg+D85uPgaDn9EYOtxd8+L:iCX0vGREUtAp0Zm2cwEBUHtGDUokn9E5

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Suspicious use of SetWindowsHookEx 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\551a404de8adf5ae1ee1a6baea99107126bdd1074a509c4a8341a51444de1d47.exe
    "C:\Users\Admin\AppData\Local\Temp\551a404de8adf5ae1ee1a6baea99107126bdd1074a509c4a8341a51444de1d47.exe"
    1⤵
    • Suspicious use of SetWindowsHookEx
    PID:2484

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\551a404de8adf5ae1ee1a6baea99107126bdd1074a509c4a8341a51444de1d47.exepack.tmp
    Filesize

    2KB

    MD5

    0d74c8207883caaf349d9a6723ffae97

    SHA1

    ce09438f2c7178fd63b406014f653eb02f1c7b4f

    SHA256

    974d96eeb20bab3ddb99db6ef583aaf3288777c22cd04ff05122a11fb228d165

    SHA512

    dab088fc6ed889c35ecc0c0b06a4146e30cda622c454214c4373fa5438eb9a0ae3317bdd1db83fb58f89b474c7664849c1f398d303f753bdd10cb0fc0a768676

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\b1d6f9fcd7cdad9fde5fdd7f0f872a92.ini
    Filesize

    1KB

    MD5

    3e3529e8258aa9adbab95276673b51ee

    SHA1

    0544edd674d3d95cd9d1b288bb484759c229df9d

    SHA256

    5bef0110ce9c77254d5f63cc7c9943aacf18cfc4bbafb4aaae6b4362f97c22d7

    SHA512

    d776ecf22c9ad6fdaa72e6655fcfd1f8e550c1fdbf1a4a4410e10deea5d892a5d56904490a5c1fc5f05e9467470ebfe6825f962571614c09c64355c98d8adabf

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\b1d6f9fcd7cdad9fde5fdd7f0f872a92A.ini
    Filesize

    1KB

    MD5

    4beda4a46451a6edee79a093702546b2

    SHA1

    60e7cd7ae363a088d5e4348aab5b4d286a454286

    SHA256

    b078dfc30eccec9d480813d3d14b0d005d33780547280e02c81d499514e0b929

    SHA512

    17b38916ea6ecca9fa783edf716249df450de9cdb40924d6de14730de99de93ad09fa77111839e6cd30285684f6a7ec5e9de3bea0c4881805bebd4bfda094916

    Download Submit

  • memory/2484-11-0x0000000000400000-0x0000000001E9D000-memory.dmp

    Filesize

    26.6MB

    Download

  • memory/2484-6-0x0000000002060000-0x0000000002063000-memory.dmp

    Filesize

    12KB

    Download

  • memory/2484-7-0x0000000000400000-0x0000000001E9D000-memory.dmp

    Filesize

    26.6MB

    Download

  • memory/2484-9-0x0000000000400000-0x0000000001E9D000-memory.dmp

    Filesize

    26.6MB

    Download

  • memory/2484-10-0x0000000050000000-0x0000000050109000-memory.dmp

    Filesize

    1.0MB

    Download

  • memory/2484-0-0x0000000000400000-0x0000000001E9D000-memory.dmp

    Filesize

    26.6MB

    Download

  • memory/2484-5-0x0000000000400000-0x0000000001E9D000-memory.dmp

    Filesize

    26.6MB

    Download

  • memory/2484-2-0x0000000000400000-0x0000000001E9D000-memory.dmp

    Filesize

    26.6MB

    Download

  • memory/2484-1-0x0000000002060000-0x0000000002063000-memory.dmp

    Filesize

    12KB

    Download

  • memory/2484-334-0x0000000000400000-0x0000000001E9D000-memory.dmp

    Filesize

    26.6MB

    Download

  • memory/2484-335-0x0000000000400000-0x0000000001E9D000-memory.dmp

    Filesize

    26.6MB

    Download

  • memory/2484-340-0x0000000000400000-0x0000000001E9D000-memory.dmp

    Filesize

    26.6MB

    Download

  • memory/2484-345-0x0000000000400000-0x0000000001E9D000-memory.dmp

    Filesize

    26.6MB

    Download