Analysis

  • max time kernel
    136s
  • max time network
    153s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20231215-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    26/12/2023, 08:49

General

  • Target

    6122009aaac62d6fad5b0086aad182a4.exe

  • Size

    24KB

  • MD5

    6122009aaac62d6fad5b0086aad182a4

  • SHA1

    faf61a92ae6b61c2a8d24b317088be4d29a69430

  • SHA256

    e911bf40d462f499655ba79ae964b88bed6086027c3cd564a5124a09f3d405b9

  • SHA512

    054aeb4d425f9dd2a67ba1c22a54bcab9467259b5929c8848e1e15bfcd2972bbd66a3b4b9facfdfc6990e9dc4479dc055662ab54ccd949b039aa6183119c1821

  • SSDEEP

    192:/Tatzp0HMTiQNjkvI4Zx9VyXB1F797DLgmInbSsWO2Dlnz7rzp0H:/Ta+MTPkQ4ZxaRrVUJHcDlnXw

Score
6/10

Malware Config

Signatures

  • Looks up external IP address via web service (1 IoCs)

    Uses a legitimate IP lookup service to find the infected system's external IP.

  • Suspicious use of SetWindowsHookEx (1 IoCs)

Processes

  • C:\Users\Admin\AppData\Local\Temp\6122009aaac62d6fad5b0086aad182a4.exe
    "C:\Users\Admin\AppData\Local\Temp\6122009aaac62d6fad5b0086aad182a4.exe"
    1⤵
    • Suspicious use of SetWindowsHookEx
    PID:3672

Network

        MITRE ATT&CK Matrix

        Downloads

        • C:\Users\Admin\AppData\Local\Temp\ip.tmp

          Filesize

          104B

          MD5

          f774b8e2aecac9a944da5a68087a137f

          SHA1

          8e46422d6f64ddddd23e43f7c03884b49806be3c

          SHA256

          4513d57bf26ddec0f34d8034b7686bf8bcaf41f5e52adc1f07da415e39f45cb4

          SHA512

          2e54a770b90558e5ce2d2cae2b3a311bc47dce1f9229d3704daa6eb83c357c16c8f56c03329ccf013378f26d0718b889adc001a28c0393b2357161536b8021b3