Analysis
-
max time kernel
153s -
max time network
163s -
platform
windows10-2004_x64 -
resource
win10v2004-20231215-en -
resource tags
-
submitted
01/01/2024, 15:38
General
-
Target
596ed96973b640d32ae679f5bc47b760ab8778ba1a2826af8fde3f347686a038.exe
-
Size
4.6MB
-
MD5
3ac20377934747e454ff796164e3bd3b
-
SHA1
bc45da9c8e85a125bb726f4da7871ab8874103e9
-
SHA256
596ed96973b640d32ae679f5bc47b760ab8778ba1a2826af8fde3f347686a038
-
SHA512
82219a6c2fbddc7dee4bacfba25060d0ed2bb976acc18bf41ceee11fa57acd72856910db105a1f54ec1a7dd0740de45dd4cb354df608feb75daad5018f29428a
-
SSDEEP
49152:9Z2FwJ04JIhk0+XrYkf63plK6EcoDw4BBIfsNoMXBYRf/m/Pp5QET3VQUN9sJtdV:trJIevXrYS3w4BBxTYRfKPQcJBAUZL
Score
7/10
Malware Config
Signatures
-
Loads dropped DLL 1 IoCs
-
Drops file in System32 directory 1 IoCs
-
Program crash 1 IoCs
-
Suspicious use of SetWindowsHookEx 2 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\596ed96973b640d32ae679f5bc47b760ab8778ba1a2826af8fde3f347686a038.exe"C:\Users\Admin\AppData\Local\Temp\596ed96973b640d32ae679f5bc47b760ab8778ba1a2826af8fde3f347686a038.exe"1⤵
- Loads dropped DLL
- Drops file in System32 directory
- Suspicious use of SetWindowsHookEx
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 1412 -s 6722⤵
- Program crash
-
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -pss -s 364 -p 1412 -ip 14121⤵
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
1.7MB
MD5707aa56cf742eb934185edf0a69d7289
SHA1dab68976c4bd2d420c8adcd268fc1ffdd5e277e0
SHA2563582d7ad93c54c2efddac6df4cf7d9e4b2ef1d8895dc9d12a781faf3cfb8bf12
SHA5128be50ffedd0a250b4519069cec5781a9d0182fe47dce79c1991fc775a9580550c4b512de37e3423dc5d22013dce4cdcb1f178becbf5ef8ccb610c7ccd6d0f54d