Analysis
-
max time kernel
145s -
max time network
153s -
platform
windows10-2004_x64 -
resource
win10v2004-20231215-en -
resource tags
arch:x64 arch:x86 image:win10v2004-20231215-en locale:en-us os:windows10-2004-x64 system -
submitted
26/12/2023, 09:51
Static task
static1
Behavioral task
behavioral1
Sample
651a4e3369f29c137140458c143a4a23.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
651a4e3369f29c137140458c143a4a23.exe
Resource
win10v2004-20231215-en
General
-
Target
651a4e3369f29c137140458c143a4a23.exe
-
Size
1.8MB
-
MD5
651a4e3369f29c137140458c143a4a23
-
SHA1
133559632a551a7223f17205a660119f9e771384
-
SHA256
cf223bfa764f93e00c8716e09c5594e5102e12254001d778f04c07109a5e237c
-
SHA512
36e7337769d8451f9648f572842e30b3586db0ee2fe9b272810209676cc890eb256d82a45c6b43994f22f17294bc1041c7ac3e05236f2ad8277c2be6c5109071
-
SSDEEP
24576:0h4XStU4gf2EW5A2DJr/kS4vGIk6v3HffvXlxfwx8nuSaHxkoISY57RbTihj4rER:0h+h43Dp/wPHHvXlaJSkx1k7hiOaEGD1
Malware Config
Signatures
-
Loads dropped DLL 5 IoCs
pid   Process
2252  651a4e3369f29c137140458c143a4a23.exe
2252  651a4e3369f29c137140458c143a4a23.exe
2252  651a4e3369f29c137140458c143a4a23.exe
2252  651a4e3369f29c137140458c143a4a23.exe
2252  651a4e3369f29c137140458c143a4a23.exe
-
Suspicious use of SetWindowsHookEx 6 IoCs
pid   Process
2252  651a4e3369f29c137140458c143a4a23.exe
2252  651a4e3369f29c137140458c143a4a23.exe
2252  651a4e3369f29c137140458c143a4a23.exe
2252  651a4e3369f29c137140458c143a4a23.exe
2252  651a4e3369f29c137140458c143a4a23.exe
2252  651a4e3369f29c137140458c143a4a23.exe
Processes
Network
MITRE ATT&CK Matrix
Downloads