Overview

overview

6

Static

static

3

23602e7406...81.exe

windows7-x64

6

23602e7406...81.exe

windows10-2004-x64

6

Analysis

  • max time kernel
    171s
  • max time network
    186s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
  • submitted
    31/12/2023, 01:50

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    23602e7406d6db7db69cf9844b545e81.exe

  • Size

    4.3MB

  • MD5

    23602e7406d6db7db69cf9844b545e81

  • SHA1

    565a4999f652c9f5339b6915b6421f0392de62b1

  • SHA256

    53cf8d085dc6d516bc1c933b992c5296e3aa57cc11da52c2f1ca7ef0bab1af43

  • SHA512

    78c5ca7e844d4a409b68d850601662ef1685e79dd9ab9b6dc7f547aa347f50db7975f5ac7226a421306670e6acf6e257a47a3785be7c6981f9d085abc03eb52f

  • SSDEEP

    98304:pwsY1zqKdR4MK1FQq0DlayBYuBRyQ6lekAn6pTrCX5:pwl1zqgYqq0layyO2TZ2J

Score
6/10
evasiontrojan

Malware Config

Signatures

  • Checks whether UAC is enabled 1 TTPs 1 IoCs
    evasiontrojan
  • Modifies Internet Explorer settings 1 TTPs 7 IoCs
    adwarespyware
  • Suspicious use of SetWindowsHookEx 4 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\23602e7406d6db7db69cf9844b545e81.exe
    "C:\Users\Admin\AppData\Local\Temp\23602e7406d6db7db69cf9844b545e81.exe"
    1⤵
    • Checks whether UAC is enabled
    • Suspicious use of SetWindowsHookEx
    PID:2296
  • C:\Program Files (x86)\Internet Explorer\ielowutil.exe
    "C:\Program Files (x86)\Internet Explorer\ielowutil.exe" -CLSID:{D5E8041D-920F-45e9-B8FB-B1DEB82C6E5E} -Embedding
    1⤵
      PID:5060
    • C:\Program Files\Internet Explorer\iexplore.exe
      "C:\Program Files\Internet Explorer\iexplore.exe" -startmediumtab -Embedding
      1⤵
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:4848
      • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
        "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:4848 CREDAT:17410 /prefetch:2
        2⤵
        • Modifies Internet Explorer settings
        PID:1404

    Network

    MITRE ATT&CK Enterprise v15

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/2296-0-0x0000000000400000-0x0000000000420000-memory.dmp

      Filesize

      128KB

      Download

    • memory/2296-1-0x0000000000400000-0x0000000000420000-memory.dmp

      Filesize

      128KB

      Download

    • memory/2296-2-0x0000000000400000-0x0000000000420000-memory.dmp

      Filesize

      128KB

      Download

    • memory/2296-3-0x0000000000400000-0x0000000000420000-memory.dmp

      Filesize

      128KB

      Download

    • memory/2296-7-0x0000000000400000-0x0000000000420000-memory.dmp

      Filesize

      128KB

      Download