Analysis
max time kernel: 141s
max time network: 156s
platform: windows10-2004_x64
resource: win10v2004-20231215-en
resource tags: arch:x64, arch:x86, image:win10v2004-20231215-en, locale:en-us, os:windows10-2004-x64, system
submitted: 25/12/2023, 10:11
Static task: static1
Behavioral task: behavioral1
Sample: 1643175db955cfd54799ef910c474d6c.exe
Resource: win7-20231215-en
Behavioral task: behavioral2
Sample: 1643175db955cfd54799ef910c474d6c.exe
Resource: win10v2004-20231215-en
General
Target: 1643175db955cfd54799ef910c474d6c.exe
Size: 5.5MB
MD5: 1643175db955cfd54799ef910c474d6c
SHA1: 34cfb75740bab67df7d23eee6200425d54e1ec58
SHA256: 6b75d14148d0e017235762b9d42cfa0c9c11567fe16887df68c7073fb9df033f
SHA512: 5afae28d6aef4318c1d7f8489a76ff88bf3c03e9dbc242325093a894e9648d8d4dede5acbc025c9b8809f92d0d6110a7707c1947d6722577c87b8a2eb5726288
SSDEEP: 98304:G+Uavwj2aotBTtpYQodXE4j1Xsxgqwy/ZMGvtDrHuzQTwT4kBTnR7HJRHgQq:dPaITtpYzJlj1XsxgE+qVsQZkDzJRK
Malware Config
Signatures
Loads dropped DLL (5 IoCs)
pid: 4972, Process: 1643175db955cfd54799ef910c474d6c.exe (same pid and process for all 5 entries)
Drops file in System32 directory (1 IoC)
description: File created, ioc: C:\Windows\SysWOW64\SkinH_EL.dll, Process: 1643175db955cfd54799ef910c474d6c.exe
Suspicious use of SetWindowsHookEx (15 IoCs)
pid: 4972, Process: 1643175db955cfd54799ef910c474d6c.exe (same pid and process for all 15 entries)
Processes
Network
MITRE ATT&CK Matrix
Downloads