f066b7635fc8617ba9e54cc19053d6f8b8af0e4d7eb2c38c07885fbb709f4c79

Analysis

max time kernel
119s
max time network
123s
platform
windows7_x64
resource
win7-20231215-en
resource tags

arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
submitted
30-12-2023 00:40

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

08cfa1c4a619bfbb6bb2fd815ae9d927.exe
Size

572KB
MD5

08cfa1c4a619bfbb6bb2fd815ae9d927
SHA1

0e74d2f100f7ac77779b00794a93ad6322af563e
SHA256

f066b7635fc8617ba9e54cc19053d6f8b8af0e4d7eb2c38c07885fbb709f4c79
SHA512

716fde45e2db9f6c2c3ca25a3c8dfe8133f2548336a720ba827e68051e7e627883cac8106cbcdb240069930e77fa9924c4636c7a4269efad3744242cd982a5e9
SSDEEP

12288:wGtQWVoI+b7x2xCNOVQkh2KV2VPqH1HAg8tCVdAR5:HtQW6Iw7KJqkQKV2VPK1gyVdAR

Score

5^/10

Malware Config

Signatures

Suspicious use of SetThreadContext 1 IoCs

description	pid	Process	procid_target
PID 2096 set thread context of 2776	2096	08cfa1c4a619bfbb6bb2fd815ae9d927.exe	28

Suspicious use of SetWindowsHookEx 1 IoCs

pid	Process
2096	08cfa1c4a619bfbb6bb2fd815ae9d927.exe

Suspicious use of WriteProcessMemory 8 IoCs

description	pid	Process	procid_target
PID 2096 wrote to memory of 2776	2096	08cfa1c4a619bfbb6bb2fd815ae9d927.exe	28
PID 2096 wrote to memory of 2776	2096	08cfa1c4a619bfbb6bb2fd815ae9d927.exe	28
PID 2096 wrote to memory of 2776	2096	08cfa1c4a619bfbb6bb2fd815ae9d927.exe	28
PID 2096 wrote to memory of 2776	2096	08cfa1c4a619bfbb6bb2fd815ae9d927.exe	28
PID 2096 wrote to memory of 2776	2096	08cfa1c4a619bfbb6bb2fd815ae9d927.exe	28
PID 2096 wrote to memory of 2776	2096	08cfa1c4a619bfbb6bb2fd815ae9d927.exe	28
PID 2096 wrote to memory of 2776	2096	08cfa1c4a619bfbb6bb2fd815ae9d927.exe	28
PID 2096 wrote to memory of 2776	2096	08cfa1c4a619bfbb6bb2fd815ae9d927.exe	28

C:\Users\Admin\AppData\Local\Temp\08cfa1c4a619bfbb6bb2fd815ae9d927.exe
"C:\Users\Admin\AppData\Local\Temp\08cfa1c4a619bfbb6bb2fd815ae9d927.exe"
1⤵
- Suspicious use of SetThreadContext
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:2096
- C:\Users\Admin\AppData\Local\Temp\08cfa1c4a619bfbb6bb2fd815ae9d927.exe
  C:\Users\Admin\AppData\Local\Temp\08cfa1c4a619bfbb6bb2fd815ae9d927.exe
  2⤵
  PID:2776

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/2096-19-0x0000000003160000-0x0000000003260000-memory.dmp

Filesize
1024KB

Download
memory/2096-14-0x0000000003160000-0x0000000003260000-memory.dmp

Filesize
1024KB

Download
memory/2096-2-0x0000000000400000-0x00000000004E3000-memory.dmp

Filesize
908KB

Download
memory/2096-0-0x0000000000400000-0x00000000004E3000-memory.dmp

Filesize
908KB

Download
memory/2096-13-0x0000000000550000-0x0000000000551000-memory.dmp

Filesize
4KB

Download
memory/2096-12-0x00000000003E0000-0x00000000003E1000-memory.dmp

Filesize
4KB

Download
memory/2096-11-0x0000000000510000-0x0000000000511000-memory.dmp

Filesize
4KB

Download
memory/2096-21-0x0000000003160000-0x0000000003260000-memory.dmp

Filesize
1024KB

Download
memory/2096-10-0x0000000000540000-0x0000000000541000-memory.dmp

Filesize
4KB

Download
memory/2096-9-0x00000000003F0000-0x00000000003F1000-memory.dmp

Filesize
4KB

Download
memory/2096-8-0x0000000000290000-0x00000000002F0000-memory.dmp

Filesize
384KB

Download
memory/2096-7-0x0000000000400000-0x00000000004E3000-memory.dmp

Filesize
908KB

Download
memory/2096-15-0x0000000003160000-0x0000000003260000-memory.dmp

Filesize
1024KB

Download
memory/2096-22-0x0000000003160000-0x0000000003260000-memory.dmp

Filesize
1024KB

Download
memory/2096-18-0x0000000003160000-0x0000000003260000-memory.dmp

Filesize
1024KB

Download
memory/2096-20-0x0000000003160000-0x0000000003260000-memory.dmp

Filesize
1024KB

Download
memory/2096-6-0x0000000000400000-0x00000000004E3000-memory.dmp

Filesize
908KB

Download
memory/2096-1-0x0000000000220000-0x0000000000224000-memory.dmp

Filesize
16KB

Download
memory/2096-16-0x0000000003160000-0x0000000003260000-memory.dmp

Filesize
1024KB

Download
memory/2096-25-0x0000000003160000-0x0000000003260000-memory.dmp

Filesize
1024KB

Download
memory/2096-40-0x0000000003160000-0x0000000003260000-memory.dmp

Filesize
1024KB

Download
memory/2096-29-0x0000000003160000-0x0000000003260000-memory.dmp

Filesize
1024KB

Download
memory/2096-32-0x0000000000400000-0x00000000004E3000-memory.dmp

Filesize
908KB

Download
memory/2096-34-0x0000000003160000-0x0000000003260000-memory.dmp

Filesize
1024KB

Download
memory/2096-24-0x0000000003160000-0x0000000003260000-memory.dmp

Filesize
1024KB

Download
memory/2096-26-0x0000000003160000-0x0000000003260000-memory.dmp

Filesize
1024KB

Download
memory/2096-33-0x0000000000220000-0x0000000000224000-memory.dmp

Filesize
16KB

Download
memory/2096-30-0x0000000003160000-0x0000000003260000-memory.dmp

Filesize
1024KB

Download
memory/2776-31-0x0000000000400000-0x0000000000409000-memory.dmp

Filesize
36KB

Download
memory/2776-36-0x0000000000400000-0x0000000000408960-memory.dmp

Filesize
34KB

Download
memory/2776-35-0x0000000000400000-0x0000000000409000-memory.dmp

Filesize
36KB

Download
memory/2776-39-0x0000000010000000-0x0000000010013000-memory.dmp

Filesize
76KB

Download
memory/2776-27-0x0000000000400000-0x0000000000409000-memory.dmp

Filesize
36KB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads