5735ad1d24d79cc299d76e0d6772c07c80dde517afe6301d6f86601cb0523c1e

Analysis

max time kernel
0s
max time network
135s
platform
windows10-2004_x64
resource
win10v2004-20231215-en
resource tags

arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
submitted
26-12-2023 12:35

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

6eeda62e0348e238627d623fd17be5cb.exe
Size

693KB
MD5

6eeda62e0348e238627d623fd17be5cb
SHA1

3fd03d053d2f3b525ea7bf9efcf57c7c05803e61
SHA256

5735ad1d24d79cc299d76e0d6772c07c80dde517afe6301d6f86601cb0523c1e
SHA512

e5ba0619950173e31f33d9277a18dd6f304ce9e41be4cbaad0d71a7947c6d76279324ef919b51634a0a239b1dc030ccb31e946d47d9c7c1a6aaeb887aa76cd62
SSDEEP

12288:HPqlDAbt2HGn1dlrRe0eBkjvKghJqmMIAp4805TBzHeFd:HCrHGn1bYlkjv5hJ3MIApL05NzWd

Score

6^/10

evasion trojan

Malware Config

Signatures

Checks whether UAC is enabled 1 TTPs 1 IoCs

evasion trojan

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA	6eeda62e0348e238627d623fd17be5cb.exe

Suspicious use of SetWindowsHookEx 2 IoCs

pid	Process
3536	6eeda62e0348e238627d623fd17be5cb.exe
3536	6eeda62e0348e238627d623fd17be5cb.exe

C:\Users\Admin\AppData\Local\Temp\6eeda62e0348e238627d623fd17be5cb.exe
"C:\Users\Admin\AppData\Local\Temp\6eeda62e0348e238627d623fd17be5cb.exe"
1⤵
- Checks whether UAC is enabled
- Suspicious use of SetWindowsHookEx
PID:3536

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads