Overview

overview

6

Static

static

3

177b7dc6a3...10.exe

windows7-x64

6

177b7dc6a3...10.exe

windows10-2004-x64

6

Analysis

  • max time kernel
    146s
  • max time network
    150s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231222-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231222-enlocale:en-usos:windows10-2004-x64system
  • submitted
    25/12/2023, 10:33

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    177b7dc6a327e1bc0c89eaec42c99210.exe

  • Size

    269KB

  • MD5

    177b7dc6a327e1bc0c89eaec42c99210

  • SHA1

    fbd34b585bceca05d49f536d656d3641e1e753ab

  • SHA256

    e278db547acea9f0800f671616c2f45d8770e90c883b2f3c5c85301318d7c259

  • SHA512

    5a7e170ccbd01975ed594ced3729f34ed01e90ed2dc4fa5520eb6229b957823c74360a21de116f16dbfd4a49bd68a26e4fc3d7cb79286ed8b5970d0ecc6f490a

  • SSDEEP

    3072:uwRs3EBKGlDCNR3JxjczH0Kkgtj+d/xs5Lz+0C5MQkKaeMzev8z7b4Zy+JqI:JRWqKKDCNR3JxjW0Kg0C5MQToa8z7bj

Score
6/10
persistence

Malware Config

Signatures

  • Adds Run key to start application 2 TTPs 1 IoCs
    persistence
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SendNotifyMessage 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\177b7dc6a327e1bc0c89eaec42c99210.exe
    "C:\Users\Admin\AppData\Local\Temp\177b7dc6a327e1bc0c89eaec42c99210.exe"
    1⤵
    • Adds Run key to start application
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    PID:3860

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/3860-0-0x0000000000400000-0x0000000000449000-memory.dmp

    Filesize

    292KB

    Download