Analysis
-
max time kernel
142s -
max time network
144s -
platform
windows7_x64 -
resource
win7-20231215-en -
resource tags
arch:x64 arch:x86 image:win7-20231215-en locale:en-us os:windows7-x64 system -
submitted
30-12-2023 04:56
Behavioral task
behavioral1
Sample
0f40e860bdae71ae350e5344067ebbc2.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
0f40e860bdae71ae350e5344067ebbc2.exe
Resource
win10v2004-20231222-en
General
-
Target
0f40e860bdae71ae350e5344067ebbc2.exe
-
Size
340KB
-
MD5
0f40e860bdae71ae350e5344067ebbc2
-
SHA1
01d722388a97beb4dda62950e6bb48445e8dcf14
-
SHA256
62f9b49d986ab9b663cece4a09fc25209a27f3bf55f306bb36f4ca179e65858e
-
SHA512
28ed6562cf947eda6a1fdaca0b9fcec81cc8174fca5d82311ac3f85605cae49b5f2089e92a3cfac9c228f668e584ddf84ace899bd42574341a35385e25263db3
-
SSDEEP
6144:4sdL86I5UzsNHfxq+bXuXbVyDihgH2MuphBmQvGjJmKkwVrzed8iqCAT2HG2oS9o:4sdo6IWUHM+bXuXUm2UBfGjJpe2IHG2M
Malware Config
Signatures
-
resource yara_rule
behavioral1/memory/2180-0-0x0000000000400000-0x0000000000500000-memory.dmp upx
behavioral1/memory/2180-8-0x0000000000400000-0x0000000000500000-memory.dmp upx
-
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).
-
Suspicious use of SetWindowsHookEx 2 IoCs
pid Process
2180 0f40e860bdae71ae350e5344067ebbc2.exe
2180 0f40e860bdae71ae350e5344067ebbc2.exe
Processes
Network
MITRE ATT&CK Enterprise v15
Downloads
-
Filesize
788B
MD5 3dd9d98b6994f927b2881e914b4e167a
SHA1 37a76a12199a087390a38819411042d2338541df
SHA256 85f3fc12267d1038a89d6818faeb1611640414c700aaa3a98020c11433d91ddb
SHA512 a6cd34ea2f562b6bfdfe9dc11268d8af7798dd2a853f9950c370562955708474af9d09cf0da59b571650beebde867d3bb4c4d807ecfa75fb63a3ab5def8f28ae