Overview

overview

10

Static

static

3

0cf2519953...67.exe

windows7-x64

10

0cf2519953...67.exe

windows10-2004-x64

3

Analysis

  • max time kernel
    3s
  • max time network
    91s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
  • submitted
    24-12-2023 19:19

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    0cf251995397bd72568ae75259850c67.exe

  • Size

    176KB

  • MD5

    0cf251995397bd72568ae75259850c67

  • SHA1

    783fe6fde797b6eea2bf57f13c250fc3829ca96e

  • SHA256

    3fde0850355abba4363f14e9009da9175fd38a04b69c4f82b5d5d188a64549fc

  • SHA512

    25e30d4cf8352e01d0ed4870275398ca4a9fa878672a94cf008b100051158b069b753e3f9cbf755c43d2a0a811672cbcd3944663b4cc1a88d4f56b5f2203b614

  • SSDEEP

    3072:wfXYCdKZCsJB/pAYsmyCMuKnvmb7/D26ADS6eS6EjzXLG47JTmcoiBuAZdJ:yICkCsJB/pxKnvmb7/D26Ae6eS6wzXL9

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\0cf251995397bd72568ae75259850c67.exe
    "C:\Users\Admin\AppData\Local\Temp\0cf251995397bd72568ae75259850c67.exe"
    1⤵
    • Suspicious use of SetWindowsHookEx
    PID:1772
    • C:\Users\Admin\qieeru.exe
      "C:\Users\Admin\qieeru.exe"
      2⤵
        PID:4380

    Network

    MITRE ATT&CK Enterprise v15

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • C:\Users\Admin\qieeru.exe
      Filesize

      6KB

      MD5

      27e9df92b4c9c098dadc4269102ee724

      SHA1

      f868db372be9ddb1c8594b2277a7f3d1f2fdf188

      SHA256

      4f5167edf1bd74ee988a805edd7246c492a1c2e74878e13272aa16acb32328d1

      SHA512

      fd954ac2e63135be45e041694a8113ef75f6b7874fa3fcad7652e7e1cdfa9d2dd90209c0bbf83e9c928906038a545db19889b5a8242efb83a4a8700437aec2b1

      Download Submit

    • C:\Users\Admin\qieeru.exe
      Filesize

      7KB

      MD5

      f157b1fdc49204ffe6038a395f2704d8

      SHA1

      83ca205b94fa3045b0068a0bd4e620286b855efa

      SHA256

      70c02075f37dd36dbceedf1463611fcc7a1eb7557372df3813e46f7a27dd3458

      SHA512

      00cb958a27b02f1a0e5c12b87907cbe830ed52740429ca3ca9974de07c3c118494442316f791cf49a77abf79c70fb6f5f9a73cb9e8a2cf0027d81f56174a2cdd

      Download Submit

    • C:\Users\Admin\qieeru.exe
      Filesize

      35KB

      MD5

      12fe9bdf36dd094b99a1b289b43df6b1

      SHA1

      cdb21be547e406b070e45b779e12aed8317326ed

      SHA256

      232bac7d33fafcf327969be34a2d5458ebfd970e910bbf68a55d1ccd207d315e

      SHA512

      88e9db456108b30150983d338fe844bd217a51c1004fa95f6c504f43550493548b1a9c8e03ea360a028631bd1e9103aa65f1f89f19003b0af049045771f4b796

      Download Submit