Overview

overview

7

Static

static

3

047c103340...98.exe

windows7-x64

7

047c103340...98.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    120s
  • max time network
    124s
  • platform
    windows7_x64
  • resource
    win7-20231023-en
  • resource tags

    arch:x64arch:x86image:win7-20231023-enlocale:en-usos:windows7-x64system
  • submitted
    22/11/2023, 18:01

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    047c1033405082373c7edc4acd6a6a27862cd0d066781b2af3d7b11db07f9698.exe

  • Size

    2.4MB

  • MD5

    ff5901665f5bbef02f887a86d631da5d

  • SHA1

    5f917d6bbcefe9bed910802c763bf245b0ed516e

  • SHA256

    047c1033405082373c7edc4acd6a6a27862cd0d066781b2af3d7b11db07f9698

  • SHA512

    ef5278300fb3dda9f6800aafe0b71da10b755c5729e8f4e1c816c7c13aade084268de4c06d4f5b8934ac434402a4c76a7cee4df09270d7431c18e4d99d8f7800

  • SSDEEP

    49152:gHeawhTk/BQ5l72ZfefZ71gpgE0khFu7DRzYG:Aea/pQXe2fZ7GV0SFIr

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 1 IoCs
  • Suspicious behavior: EnumeratesProcesses 1 IoCs
  • Suspicious behavior: RenamesItself 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SendNotifyMessage 1 IoCs
  • Suspicious use of SetWindowsHookEx 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\047c1033405082373c7edc4acd6a6a27862cd0d066781b2af3d7b11db07f9698.exe
    "C:\Users\Admin\AppData\Local\Temp\047c1033405082373c7edc4acd6a6a27862cd0d066781b2af3d7b11db07f9698.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious behavior: RenamesItself
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of SetWindowsHookEx
    PID:2256

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • \Users\Admin\AppData\Local\Temp\HPSocket4C.dll
    Filesize

    801KB

    MD5

    1e784518b74841fa65fe4eebc772fbbf

    SHA1

    1253245165f2e6c279187a3ae9689b2da74303b0

    SHA256

    aa7b1bc7ff5d12af899df1aca4f99abfb0aba4be0824ea715e299af3ba80ae1f

    SHA512

    2f49766e7ba2e77da5417968903eafc24f5de907cd8fa1f16f7752a44ad3c2e9183b1136cefafa1ab60ac6a01b8f867296830607a35b80e1695bc8ddf4be929e

    Download Submit

  • memory/2256-10-0x00000000759F0000-0x0000000075AF0000-memory.dmp

    Filesize

    1024KB

    Download

  • memory/2256-18-0x0000000074A90000-0x0000000074D7C000-memory.dmp

    Filesize

    2.9MB

    Download

  • memory/2256-4-0x0000000010000000-0x0000000010116000-memory.dmp

    Filesize

    1.1MB

    Download

  • memory/2256-8-0x0000000000390000-0x00000000003E9000-memory.dmp

    Filesize

    356KB

    Download

  • memory/2256-9-0x00000000759F0000-0x0000000075AF0000-memory.dmp

    Filesize

    1024KB

    Download

  • memory/2256-0-0x0000000000400000-0x0000000000AC3000-memory.dmp

    Filesize

    6.8MB

    Download

  • memory/2256-1-0x0000000000230000-0x0000000000231000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2256-2-0x0000000000400000-0x0000000000AC3000-memory.dmp

    Filesize

    6.8MB

    Download

  • memory/2256-17-0x0000000074A90000-0x0000000074D7C000-memory.dmp

    Filesize

    2.9MB

    Download

  • memory/2256-19-0x00000000759F0000-0x0000000075AF0000-memory.dmp

    Filesize

    1024KB

    Download

  • memory/2256-21-0x0000000000400000-0x0000000000AC3000-memory.dmp

    Filesize

    6.8MB

    Download

  • memory/2256-22-0x0000000000390000-0x00000000003E9000-memory.dmp

    Filesize

    356KB

    Download

  • memory/2256-23-0x00000000759F0000-0x0000000075AF0000-memory.dmp

    Filesize

    1024KB

    Download

  • memory/2256-24-0x0000000074A90000-0x0000000074D7C000-memory.dmp

    Filesize

    2.9MB

    Download