Overview

overview

4

Static

static

3

tmp.exe

windows7-x64

1

tmp.exe

windows10-2004-x64

4

Analysis

  • max time kernel
    139s
  • max time network
    155s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231127-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231127-enlocale:en-usos:windows10-2004-x64system
  • submitted
    11/12/2023, 06:58

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    tmp.exe

  • Size

    423KB

  • MD5

    fd406efee25a445e83db52dee9924112

  • SHA1

    a104d5e774e3a036bbc6a02351a5a15d8a5f59e3

  • SHA256

    bd62a021da405f1d4387d8760cf22a2a9aeacf469ee40dd5a515c6fa8abb423e

  • SHA512

    7959cfb4c1333525290b313569a3cfb858f6e4ee787d537521d11bfb4044ed41a2b562a4672ec964cd9bc3a9b0032ee3f6d008bef8a90f93c62d4efef4d9b92e

  • SSDEEP

    6144:GmbpJJtJQGyVqnuRqspLf41BpUqbH0TGngDeT93YQjhpoP+/eu8zni:hFspLf41TUqr0qntT1YQSaJ

Score
4/10

Malware Config

Signatures

  • Drops file in Program Files directory 1 IoCs
  • Suspicious use of SetWindowsHookEx 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\tmp.exe
    "C:\Users\Admin\AppData\Local\Temp\tmp.exe"
    1⤵
    • Drops file in Program Files directory
    • Suspicious use of SetWindowsHookEx
    PID:3644

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\ZohoMeeting\log\CustomerPluginInstaller.log
    Filesize

    1KB

    MD5

    a78187d368f9e9237110ded4271c567a

    SHA1

    1ba008b8228301e27834e4231e1655924f0b9c92

    SHA256

    bd9fbafd48c65dd0738732c9fc3a32afcfc36559ec07d8587725e656043f610a

    SHA512

    036b81be0f51d6963aed1b21ac74e0146e7f4df226ea589135c92f25f9d6ff2335073546e4321534b370d7d010876b2da58a93cdee8783303f9658032d088860

    Download Submit

  • C:\Users\Admin\AppData\Local\ZohoMeeting\log\CustomerPluginInstaller.log
    Filesize

    1KB

    MD5

    0ab0c093227168e9c5a96b35fcdd72aa

    SHA1

    d3bacd9516f28a0e116b4b71f77b9c90aa2d1cf7

    SHA256

    ee09e62746881c0f9d7479fdb04f29d3233fd296724581ae3102db97bce96675

    SHA512

    8bc0e05bdc583e0e32772f09e0da1b2a48c815a2a6fa64aa5412bd67f33ac7b766e3cb7bd05ac6030d3deb02a0dd5b7f774766a0fc81485acdd54ddc06051eee

    Download Submit

  • C:\Users\Admin\AppData\Local\ZohoMeeting\log\CustomerPluginInstaller.log
    Filesize

    1KB

    MD5

    3492f1353ee0eed07a970404b25e8645

    SHA1

    bf76be475b6daf99f7c2f1ecfcc29cb9422c0e03

    SHA256

    42135c314b573f17c6311a43060119f4cce706ef9789a7e2b1a774ac44631e52

    SHA512

    c73f3b636f09f562aae446f9e87ee74f286c7c87c30fd229c6360034787e00955f520a2773566f0b7cf65bd9b26cb8a747bb50bfabbd804d9f97c98fd222c14f

    Download Submit