Overview

overview

5

Static

static

3

46bdfc494e...16.exe

windows7-x64

5

46bdfc494e...16.exe

windows10-2004-x64

5

Analysis

  • max time kernel
    149s
  • max time network
    153s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
  • submitted
    06-01-2024 17:00

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    46bdfc494e1fcb743c8f7fc2722ec716.exe

  • Size

    67KB

  • MD5

    46bdfc494e1fcb743c8f7fc2722ec716

  • SHA1

    a111b1563f4422963222aaee7d80b182238d0eb5

  • SHA256

    88dc580234c9dd24c2d7bca59bd81f8b60c2f8ce056eb9ff3641fda03d29ffcf

  • SHA512

    9f5e2e393b8399cf252578915ee5f992d4ef424e5f263b2ae46f82ee1f11e6082f98746c514bf1cad2e34aae8566de2ebb21d71b4127631aa2561256103e9d88

  • SSDEEP

    768:efrx2A8f3tIe5zC9tv/b8yHE53oSorRUvCsguxv3Vrpl859ubT3VpcxvSbMHnUTK:hAk3tmY5Kr2CshxHGK7HqUT60ek8

Score
5/10

Malware Config

Signatures

  • Suspicious use of SetThreadContext 1 IoCs
  • Suspicious behavior: EnumeratesProcesses 4 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs
  • Suspicious use of WriteProcessMemory 11 IoCs

Processes

  • C:\Windows\Explorer.EXE
    C:\Windows\Explorer.EXE
    1⤵
      PID:3520
      • C:\Users\Admin\AppData\Local\Temp\46bdfc494e1fcb743c8f7fc2722ec716.exe
        "C:\Users\Admin\AppData\Local\Temp\46bdfc494e1fcb743c8f7fc2722ec716.exe"
        2⤵
        • Suspicious use of SetThreadContext
        • Suspicious use of SetWindowsHookEx
        • Suspicious use of WriteProcessMemory
        PID:2256
        • C:\Users\Admin\AppData\Local\Temp\46bdfc494e1fcb743c8f7fc2722ec716.exe
          C:\Users\Admin\AppData\Local\Temp\46bdfc494e1fcb743c8f7fc2722ec716.exe
          3⤵
          • Suspicious behavior: EnumeratesProcesses
          • Suspicious use of WriteProcessMemory
          PID:4772

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/3520-10-0x000000007FFF0000-0x000000007FFF7000-memory.dmp

      Filesize

      28KB

      Download

    • memory/3520-11-0x000000007FFD0000-0x000000007FFD1000-memory.dmp

      Filesize

      4KB

      Download

    • memory/4772-2-0x0000000000400000-0x0000000000409000-memory.dmp

      Filesize

      36KB

      Download

    • memory/4772-3-0x0000000000400000-0x0000000000409000-memory.dmp

      Filesize

      36KB

      Download

    • memory/4772-6-0x0000000000400000-0x0000000000409000-memory.dmp

      Filesize

      36KB

      Download

    • memory/4772-7-0x0000000000400000-0x0000000000408960-memory.dmp

      Filesize

      34KB

      Download

    • memory/4772-8-0x0000000000400000-0x0000000000409000-memory.dmp

      Filesize

      36KB

      Download

    • memory/4772-9-0x0000000010000000-0x0000000010013000-memory.dmp

      Filesize

      76KB

      Download

    • memory/4772-16-0x0000000010000000-0x0000000010013000-memory.dmp

      Filesize

      76KB

      Download