Overview

overview

7

Static

static

3

1df665d8af...aa.exe

windows7-x64

3

1df665d8af...aa.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    151s
  • max time network
    157s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
  • submitted
    30/12/2023, 22:06

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    1df665d8afcaca38204d505f760169aa.exe

  • Size

    105KB

  • MD5

    1df665d8afcaca38204d505f760169aa

  • SHA1

    66c19489ae485f2e158d7735395b39bda40d7a86

  • SHA256

    95c044a614ff0507c6e1234e34423d9e5bb25fead2539d4998f05d521025c281

  • SHA512

    b9783bbf1c4102bda2ca7ba69bde5d8560fdf3222b2e036b1c7edf7a30328124392f509124483e6aadb491f1ef0ba89eb1c8ffd9ca25dd2c4d313c7c98e8d52e

  • SSDEEP

    1536:dMUaOFarSkGIeyt1WWHo2fb77cVR3bixBNy6enS6SoMQ4Z1f2fFqn1RyB:dMjOeSkkfWHoGb74VR3b2BNFSIHu0PE

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 1 IoCs
  • Drops file in System32 directory 1 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\1df665d8afcaca38204d505f760169aa.exe
    "C:\Users\Admin\AppData\Local\Temp\1df665d8afcaca38204d505f760169aa.exe"
    1⤵
    • Loads dropped DLL
    • Drops file in System32 directory
    • Suspicious use of SetWindowsHookEx
    PID:1100

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Windows\SysWOW64\msxml71.dll
          Filesize

          119KB

          MD5

          b95b261fc65eeaa0ff9037319f850442

          SHA1

          169d501581d1db0198f0711fc480c62dfee983ce

          SHA256

          5b1699d9ee4906c3e5bf0c0287d48137046aa3beccfba828fd3cefb5327c73d7

          SHA512

          920256249a7db1437ee8952496f54168af5e385756803e4a3dd1e4d3ad14301b7bcf3c583b2bc44d24bede01ba4aee120d812d150597df1e308dd85ec091e4e3

          Download Submit

        • memory/1100-0-0x0000000000400000-0x0000000000430000-memory.dmp

          Filesize

          192KB

          Download

        • memory/1100-6-0x0000000010000000-0x0000000010035000-memory.dmp

          Filesize

          212KB

          Download

        • memory/1100-5-0x0000000000400000-0x0000000000430000-memory.dmp

          Filesize

          192KB

          Download