Overview

overview

7

Static

static

3

04f423667f...7c.exe

windows7-x64

7

04f423667f...7c.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    149s
  • max time network
    123s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    29-12-2023 21:56

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    04f423667f2d8e78ee335d6c53ffba7c.exe

  • Size

    3.3MB

  • MD5

    04f423667f2d8e78ee335d6c53ffba7c

  • SHA1

    3d180d58922594950b04f4338bc0463829d33498

  • SHA256

    e24bebde9118b4dca4eeeab98d0a76bd250d2ec23d72667aa4d47ef049397f9d

  • SHA512

    9243f64390d93c0be5e61ed345cf9643b56a5b1040d6c068d44f9674dac7702bb05f309cdaf04c715f2b59949f22a5f86a99c280c112dc48bd40373b1761c9f1

  • SSDEEP

    98304:g+yVTStFH7feSgq5xYCrFuNSTFQ6RScnE8xjrG5IdNlHjl/e:gFSrxZ5HTFQ6btxWYlDl/

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 4 IoCs
  • Suspicious behavior: EnumeratesProcesses 64 IoCs
  • Suspicious use of SetWindowsHookEx 23 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\04f423667f2d8e78ee335d6c53ffba7c.exe
    "C:\Users\Admin\AppData\Local\Temp\04f423667f2d8e78ee335d6c53ffba7c.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of SetWindowsHookEx
    PID:2140

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • \Users\Admin\AppData\Local\Temp\HTMLVIEW.FNE
    Filesize

    98KB

    MD5

    e1788237ffc2279f58ed869944f6fea6

    SHA1

    eb5f07107582cceb0a40409ebe07437d39a1b039

    SHA256

    aa56344e516de5cacde31707d782c0324e3344f4e8ab411dc70586d39028ba66

    SHA512

    f61ed5db570e371c5d5e0cdc6e70b368e8d854c4e76ae090961de0278b3d1e6c1e0840e5ddab1fd096c85df0c45e254bcabd556b796b5abdcfd9a36c0ad0c35f

    Download Submit

  • \Users\Admin\AppData\Local\Temp\IEXT.FNR
    Filesize

    216KB

    MD5

    cba933625bfa502fc4a1d9f34e1e4473

    SHA1

    5319194388c0e53321f99f1541b97af191999a09

    SHA256

    25549c7781b3f1b92e73b0ea721d177207cce914a66f3229a71291f2eb160013

    SHA512

    f5fb4b97c4f68a20e0847e6528740ce659c4501726f3b2dff1ac83e88a3b7198099da03edb0f069cd4af7ed568a2373597b235cd239895addfa5226d3a444142

    Download Submit

  • memory/2140-0-0x0000000000400000-0x0000000000AF4000-memory.dmp

    Filesize

    7.0MB

    Download

  • memory/2140-1-0x0000000000400000-0x0000000000AF4000-memory.dmp

    Filesize

    7.0MB

    Download

  • memory/2140-12-0x0000000002C30000-0x0000000002E93000-memory.dmp

    Filesize

    2.4MB

    Download

  • memory/2140-19-0x0000000002B90000-0x0000000002BCF000-memory.dmp

    Filesize

    252KB

    Download

  • memory/2140-16-0x00000000026D0000-0x00000000026DD000-memory.dmp

    Filesize

    52KB

    Download

  • memory/2140-11-0x0000000002770000-0x00000000027A8000-memory.dmp

    Filesize

    224KB

    Download