Analysis

  • max time kernel
    149s
  • max time network
    155s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags

    arch:x64 arch:x86 image:win10v2004-20231215-en locale:en-us os:windows10-2004-x64 system
  • submitted
    25-12-2023 10:39

General

  • Target

    17e161c9c509ab55baf9e38502389d65.exe

  • Size

    3.2MB

  • MD5

    17e161c9c509ab55baf9e38502389d65

  • SHA1

    872c56c1ee0af19692dd4d60460297d29128719f

  • SHA256

    d47ee8947d9b9ba8c9a4bac11b738cc462df1c3e27c4169b5a43c81cf23983b7

  • SHA512

    84068082e2855d6e82cf2d0a9d1e5bc6a07b5081a442a508b08b27d301d010cb49906f0fbc7b59ef5f6b85a0b93be4bf7554283e3784bab224b2eca9ff839ce3

  • SSDEEP

    49152:eCumB3g+EgJd0k7FTVXbHYcvz27PfMhFI75vXrSvSUROvKE:eCuog+EgP0k7RQPiFA5vXrSvStvKE

Score
4/10

Malware Config

Signatures

  • Drops file in Windows directory 2 IoCs
  • Suspicious use of AdjustPrivilegeToken 8 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SendNotifyMessage 1 IoCs
  • Suspicious use of SetWindowsHookEx 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\17e161c9c509ab55baf9e38502389d65.exe
    "C:\Users\Admin\AppData\Local\Temp\17e161c9c509ab55baf9e38502389d65.exe"
    • Drops file in Windows directory
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of SetWindowsHookEx
    PID:748

Network

MITRE ATT&CK Matrix
