Overview

overview

7

Static

static

3

b394d6fa5a...32.exe

windows7-x64

1

b394d6fa5a...32.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    146s
  • max time network
    152s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230915-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230915-enlocale:en-usos:windows10-2004-x64system
  • submitted
    15-10-2023 19:43

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    b394d6fa5aa35babfdd5a0bbab6adc60_exe32.exe

  • Size

    55KB

  • MD5

    b394d6fa5aa35babfdd5a0bbab6adc60

  • SHA1

    27c4df0ddff90208b67d05f514fd5640cb3e0369

  • SHA256

    32cf4f1861546d8153486a1af8ab7a1b78a2f7cba0fddf6f26c2e067dcc73a17

  • SHA512

    e82b5502f707f3c320edb1de6f27239f241cd1d6bda40be6e9511d31d41b51eba4c13f1c9c93a49e55420f688d3d5e442f3e21ce9963e4ae2157975ec71c2985

  • SSDEEP

    768:hGjpVZbuv4eaR1P6pEe61onZuwCsFK0s2m7r5r4u6WTIJ:hGj09avZonZ560sH945J

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 1 IoCs
  • Drops file in System32 directory 2 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\b394d6fa5aa35babfdd5a0bbab6adc60_exe32.exe
    "C:\Users\Admin\AppData\Local\Temp\b394d6fa5aa35babfdd5a0bbab6adc60_exe32.exe"
    1⤵
    • Loads dropped DLL
    • Drops file in System32 directory
    • Suspicious use of SetWindowsHookEx
    PID:4352

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Windows\SysWOW64\olemdb32.dll
    Filesize

    23KB

    MD5

    65387b1305f01ede9bce1b664207d5d7

    SHA1

    19d719d16958e6a1c5367b578cb9ff7700e695bf

    SHA256

    148f1d2ce99fb0305e53fd24add20cd19cc420e9c1d1b64abf42b456da94cd23

    SHA512

    cd64957c47979626be9a77b2a2ee2d0b22b72540369a4b6cfe1c1c9f8180b546db0b6e637259dd8f7a09506d738ec57fc34b116e199641c40f55e0d5b40a2a29

    Download Submit

  • memory/4352-0-0x0000000000400000-0x0000000000411000-memory.dmp

    Filesize

    68KB

    Download

  • memory/4352-5-0x0000000010000000-0x000000001000F000-memory.dmp

    Filesize

    60KB

    Download

  • memory/4352-10-0x0000000010000000-0x000000001000F000-memory.dmp

    Filesize

    60KB

    Download

  • memory/4352-9-0x0000000000400000-0x0000000000411000-memory.dmp

    Filesize

    68KB

    Download