Overview

overview

7

Static

static

3

66fac09913...9e.exe

windows7-x64

7

66fac09913...9e.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    182s
  • max time network
    204s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
  • submitted
    26/12/2023, 10:23

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    66fac09913ed5623853c0ff77c60a19e.exe

  • Size

    717KB

  • MD5

    66fac09913ed5623853c0ff77c60a19e

  • SHA1

    4c617e4ee809be84ac374377f2a733291b38afb6

  • SHA256

    dc9052e66bc141a06103044e573c45afc7ffa4b2d721f6b9a507a3b723b392fc

  • SHA512

    12f1e073f9654c7a835e418ca4f4e59f436128ec56bcc9926ce92bf9993c8479be1498c0f02eb449f0e09de8be3dd6ee439a5733a5fb28c92d8377d2b343c798

  • SSDEEP

    12288:qhxyC04K4L3ykGC15HbQw/dVDeTC5NXGFdYJWEPU/CJDhbSYEM9:qhdK4L351mEdVmIJsYJWEDJDcw

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 3 IoCs
  • Suspicious use of SetWindowsHookEx 64 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\66fac09913ed5623853c0ff77c60a19e.exe
    "C:\Users\Admin\AppData\Local\Temp\66fac09913ed5623853c0ff77c60a19e.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of SetWindowsHookEx
    PID:1860

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\E_N4\krnln.fnr
    Filesize

    1.1MB

    MD5

    11696f334778bda9231aa6b72bbcdaf7

    SHA1

    09c604c90578fcbd4f596bdb013938a7523afbc8

    SHA256

    f1cd13f9ec76d87d4f5351ec5eee092fc530cde46bc71f74e0bd6c9fd7de9b9c

    SHA512

    071e8bd5ab8e4f12bbaf949c6979207257147eb8aa1d6ef7741ada64938721a15f8e78c6f74e74b642bdb5fde1e99b6059275c1e6b3d294f6e6c9071dd5535d1

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\E_N4\xplib.fne
    Filesize

    80KB

    MD5

    2428c64705f8c9201a816edd07237443

    SHA1

    220b3bcffd333fcdf585b129015cb086d762f0af

    SHA256

    6b1651e03dc8fa46ea85f599cadee51944777139a9da9ef4e50fd7a25c7aefcc

    SHA512

    e3830b5a123fc9d0daf7f1885dadd762d63c66af39375c3251eb24021f015b14be33eb7ac339c499a0dca9a8e7263cbb2412bcd9ecdaadd7484360d7e600d787

    Download Submit

  • memory/1860-0-0x0000000000400000-0x000000000041A000-memory.dmp

    Filesize

    104KB

    Download

  • memory/1860-10-0x0000000002340000-0x0000000002354000-memory.dmp

    Filesize

    80KB

    Download

  • memory/1860-13-0x0000000000400000-0x000000000041A000-memory.dmp

    Filesize

    104KB

    Download