Overview

overview

3

Static

static

3

2c5e4f528a...d9.exe

windows7-x64

1

2c5e4f528a...d9.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    117s
  • max time network
    118s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags

    arch:x64arch:x86image:win7-20231129-enlocale:en-usos:windows7-x64system
  • submitted
    25/12/2023, 16:16

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    2c5e4f528a48eba56aa239a541f869d9.exe

  • Size

    1.2MB

  • MD5

    2c5e4f528a48eba56aa239a541f869d9

  • SHA1

    ae32cb5b8d4425025edeacb982f2334550973839

  • SHA256

    17c68ab233515f2b0bfbbfaffd38181b5fc2d6d1191b853a0dc7f50cef03caaf

  • SHA512

    37c5cb1799ece1da86498d7e3a8e9b1132cb7374aabe45d02572dc83618f129dc7e6c3ddd3d391c0c03727511638ea50e94a4fcc1d701779623090e7ed95f036

  • SSDEEP

    24576:Zci9FP9+poIT59mbzbEqXd78ME8sdsNDezqW1155:ZcIV+mIt9mnYQxvUsNTWd

Score
1/10

Malware Config

Signatures

  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SendNotifyMessage 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2c5e4f528a48eba56aa239a541f869d9.exe
    "C:\Users\Admin\AppData\Local\Temp\2c5e4f528a48eba56aa239a541f869d9.exe"
    1⤵
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    PID:2264

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • memory/2264-1-0x0000000000220000-0x0000000000221000-memory.dmp

          Filesize

          4KB

          Download

        • memory/2264-0-0x0000000000400000-0x0000000000537000-memory.dmp

          Filesize

          1.2MB

          Download

        • memory/2264-2-0x0000000000400000-0x0000000000537000-memory.dmp

          Filesize

          1.2MB

          Download

        • memory/2264-3-0x0000000000220000-0x0000000000221000-memory.dmp

          Filesize

          4KB

          Download