Overview (overview): 10
Static (static): 10
AnyDesk.exe (windows7-x64)
AnyDesk.exe (windows10-2004-x64)
LastActivityView.exe (windows7-x64): 6
LastActivityView.exe (windows10-2004-x64): 6
Ocean.exe (windows7-x64): 1
Ocean.exe (windows10-2004-x64): 1
journal-tool.exe (windows7-x64): 9
journal-tool.exe (windows10-2004-x64): 9
shellbag.exe (windows7-x64): 1
shellbag.exe (windows10-2004-x64): 1

Analysis
max time kernel: 119s
max time network: 121s
platform: windows7_x64
resource: win7-20231129-en
resource tags: arch:x64, arch:x86, image:win7-20231129-en, locale:en-us, os:windows7-x64, system
submitted: 07-12-2023 19:22

Static task: static1
Behavioral task: behavioral1, Sample: AnyDesk.exe, Resource: win7-20231130-en
Behavioral task: behavioral2, Sample: AnyDesk.exe, Resource: win10v2004-20231127-en
Behavioral task: behavioral3, Sample: LastActivityView.exe, Resource: win7-20231023-en
Behavioral task: behavioral4, Sample: LastActivityView.exe, Resource: win10v2004-20231130-en
Behavioral task: behavioral5, Sample: Ocean.exe, Resource: win7-20231129-en
Behavioral task: behavioral6, Sample: Ocean.exe, Resource: win10v2004-20231127-en
Behavioral task: behavioral7, Sample: journal-tool.exe, Resource: win7-20231130-en
Behavioral task: behavioral8, Sample: journal-tool.exe, Resource: win10v2004-20231130-en
Behavioral task: behavioral9, Sample: shellbag.exe, Resource: win7-20231023-en
Behavioral task: behavioral10, Sample: shellbag.exe, Resource: win10v2004-20231127-en

General
Target: Ocean.exe
Size: 2.3MB
MD5: 406ee8b2243cf8193acd0a0df35f6808
SHA1: 0bf35f3becd6870dc6711a72a1fa2a847f79015d
SHA256: 1227ebbc393db7aaf3b323370fc80cf5a8745ea4eb140a34eed25d6957db7208
SHA512: d0bddd58918307f74c898c46c308f301ce039c43580cfe01f5dde1bc391daf96b7688cd823f701bb49258700ab42bf4d787a11548af282aa57be8fccf97cfd1c
SSDEEP: 24576:KqRlOPsiDcX/f1t5EWdrTxhYJtjQTac7rl1v0acs+l/VMZyCV1EN/6UdnD88Jw4:prOPsiDcX39drTz/7rkaEl99i2nf

Malware Config
Signatures
Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
Processes: Ocean.exe
pid: 2164, process: Ocean.exe

Suspicious use of SetWindowsHookEx (1 IoCs)
Processes: Ocean.exe
pid: 2164, process: Ocean.exe