8367c0069e5d97f76459bdb4e4e2b1ac46bb9e7d45faab8ef29f0b05cfba1d79 | Triage

Analysis

max time kernel
76s
max time network
42s
platform
windows7_x64
resource
win7-20231215-en
resource tags

arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
submitted
30/12/2023, 09:51

Sharing

Report Analysis Logs

General

Target

14fb3aa135b6f20c45885fe916531932.exe
Size

934KB
MD5

14fb3aa135b6f20c45885fe916531932
SHA1

7fb6581ad891302d7854a2c87e1791c4b1410124
SHA256

8367c0069e5d97f76459bdb4e4e2b1ac46bb9e7d45faab8ef29f0b05cfba1d79
SHA512

f973d383542c371ac6206a4222a72f30a4b5bde14563d2566ed8a6a9befc5ee74a008c085556abbc1cd4cf6cacc7e5b4c7809347ac1ff2f3fdb5218f052b1145
SSDEEP

24576:47LYuVQLt18BymqtURjZnli5klHAAKyhsyoc98:0Yu2512qtURjZlacHHb98

Score

4^/10

Malware Config

Signatures

Drops file in Windows directory 2 IoCs

description	ioc	Process
File opened for modification	C:\Windows\1.4 XR Bot.exe	14fb3aa135b6f20c45885fe916531932.exe
File opened for modification	C:\Windows\1.4 XR Bot.exe.PreARM	14fb3aa135b6f20c45885fe916531932.exe

Suspicious use of SetWindowsHookEx 1 IoCs

pid	Process
2572	14fb3aa135b6f20c45885fe916531932.exe

C:\Users\Admin\AppData\Local\Temp\14fb3aa135b6f20c45885fe916531932.exe
"C:\Users\Admin\AppData\Local\Temp\14fb3aa135b6f20c45885fe916531932.exe"
1⤵
- Drops file in Windows directory
- Suspicious use of SetWindowsHookEx
PID:2572

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads