451bccbf953b2580c722765eed3c8620b3979af266e220fc42d4e0ccb52854eb

Analysis

max time kernel
148s
max time network
119s
platform
windows10-2004_x64
resource
win10v2004-20231222-en
resource tags

arch:x64arch:x86image:win10v2004-20231222-enlocale:en-usos:windows10-2004-x64system
submitted
29-12-2023 23:45

Target

0765d2a48a0cab5e7d26b1ef1dc66dc5.exe
Size

184KB
MD5

0765d2a48a0cab5e7d26b1ef1dc66dc5
SHA1

93e9628615fa8820a6233793489365323ddeda7f
SHA256

451bccbf953b2580c722765eed3c8620b3979af266e220fc42d4e0ccb52854eb
SHA512

b1796fdc748ad27805e23997bfcd2dafd2a4f642a290fe43e507fd63618306743c657dbb30f7b30f268389f9c9abab1568cf295a3e5784ce7964f48a2050c741
SSDEEP

3072:2yS9U0G7HVflvjeraT5utok7S3VU/Gio30ojFFtLuY5kClvdu7I:2ygWl50tx7S3i/GiMNaodu

Score

4^/10

Drops file in Windows directory 1 IoCs

description	ioc	Process
File opened for modification	C:\Windows\win.ini	0765d2a48a0cab5e7d26b1ef1dc66dc5.exe

Modifies Internet Explorer settings 1 TTPs 1 IoCs

Modify Registry

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-3803511929-1339359695-2191195476-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser	0765d2a48a0cab5e7d26b1ef1dc66dc5.exe

Suspicious behavior: EnumeratesProcesses 6 IoCs

Suspicious use of SetWindowsHookEx 2 IoCs

pid	Process
3944	0765d2a48a0cab5e7d26b1ef1dc66dc5.exe
3944	0765d2a48a0cab5e7d26b1ef1dc66dc5.exe

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

C:\Windows\win.ini

Filesize
109B

MD5
af67d09d79ea8d6add29218923a9124d

SHA1
cb3ba7045f001b1c100626fe728a1aef04a121b3

SHA256
b7f88b3ec683cff30d598173b1dfdeb8601c734cff3abc04053552d5a87a3af7

SHA512
71892224edf80b38e1d5f8ed249a180cb10f8c238412ad841f0e8514cf7754d4fed6d1bfaf916b8295a90e1a7b9dab47088a7f9b4a8e734ef87292c709b5891c

Download Submit