Analysis

  • max time kernel
    2s
  • max time network
    122s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20231215-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    28-12-2023 23:24

General

  • Target

    ffbae270b8adccb51d2730ad96f56df6.exe

  • Size

    104KB

  • MD5

    ffbae270b8adccb51d2730ad96f56df6

  • SHA1

    f4f8e3fcb3ac816bb306f78d81bb20f9c4f0d8ad

  • SHA256

    76fc51ea0100ea6d790db6db0db60ddaaf4246da787b3af4c23ee9e34d132db5

  • SHA512

    8a832270af099b8fb0eaad20e11a806816f485136eb6b61f5807d9efded89778c902f2928a339a69968fb65b70760ac7a0e6c60bce64b530aa790a3b68af35d4

  • SSDEEP

    1536:lzdbAJ8xxp+pofZ71TDdxqh5c2+JTlD/5QOuqXRRRyRAR/RwRzyYWkMktgF4GPgn:0+5+pMI7cv776qL0oDi

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\ffbae270b8adccb51d2730ad96f56df6.exe
    "C:\Users\Admin\AppData\Local\Temp\ffbae270b8adccb51d2730ad96f56df6.exe"
    1⤵
    • Suspicious use of SetWindowsHookEx
    PID:2652
    • C:\Users\Admin\cdwuc.exe
      "C:\Users\Admin\cdwuc.exe"
      2⤵
        PID:2588

    Network

    MITRE ATT&CK Enterprise v15
