Overview

overview

7

Static

static

7

43853f8919...e9.exe

windows7-x64

7

43853f8919...e9.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    122s
  • max time network
    141s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
  • submitted
    05/01/2024, 11:05

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    43853f89195dfedb72b3282a551a51e9.exe

  • Size

    327KB

  • MD5

    43853f89195dfedb72b3282a551a51e9

  • SHA1

    0e06827831052318750bb883c5feb824705750d6

  • SHA256

    113f166b9bbe8b8f552f6aee391003e4b724682539a0ff76cdd8162a4bf7cea9

  • SHA512

    fc4ff233b03cb6cf0a490ef1b645875b1e6f78a7e6ab3a7f587b1b9e3a527478ea9e565a673c5dc82727d26fafdb2ef02a9268080774cef02dccce35609f0325

  • SSDEEP

    6144:mGcOLhRbx+KE2nF9eCa2oQhcaZxmt+tEPNcjHGroqgMxxuqfSNFjM6OYbPwM:5cOLhRbx+KE2nF9eCaNQW0xmt+zarogW

Score
7/10

Malware Config

Signatures

  • ACProtect 1.3x - 1.4x DLL software 2 IoCs

    Detects file using ACProtect software.

  • Loads dropped DLL 2 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\43853f89195dfedb72b3282a551a51e9.exe
    "C:\Users\Admin\AppData\Local\Temp\43853f89195dfedb72b3282a551a51e9.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of SetWindowsHookEx
    PID:4232

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\Local\Temp\kii596A.tmp
          Filesize

          123KB

          MD5

          9b6359cc6a367752bbd81e5be82b7f9d

          SHA1

          d15262ce928e8172d02f84ce947221c277821d84

          SHA256

          a01ab2c4aecca90a8cfa94d063fd87797418f447b9c960e509b313c9395ddb6e

          SHA512

          a79994a3a86f8a3078561c01796714c812c0baac2972534d44560d389bfa95374cae18caecb1eb31acec918757a0337456f6d9d829d04bbe3f87adc387f71a45

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\kii596A.tmp
          Filesize

          143KB

          MD5

          d4ea942e6ac09350515960ec2cea4b25

          SHA1

          e162871c9883a746d7cdb77214f2b188b256a82c

          SHA256

          30813ffd58687ed8eccb94a87b2eb3bea6b69297569d557e8ba370721afc8da2

          SHA512

          9d8c141fa4ff14412e7e6961037f931cf5f3b9497fde735d25750da5ee23eafdf4b0da7100ac726f008752e3e1153b53fb62a298deebcb8b42cc85f04100032c

          Download Submit

        • memory/4232-0-0x0000000000400000-0x0000000000430000-memory.dmp

          Filesize

          192KB

          Download

        • memory/4232-7-0x00000000006D0000-0x0000000000743000-memory.dmp

          Filesize

          460KB

          Download

        • memory/4232-8-0x0000000000400000-0x0000000000430000-memory.dmp

          Filesize

          192KB

          Download

        • memory/4232-9-0x00000000006D0000-0x0000000000743000-memory.dmp

          Filesize

          460KB

          Download