Analysis

  • max time kernel
    118s
  • max time network
    123s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64 arch:x86 image:win7-20231215-en locale:en-us os:windows7-x64 system
  • submitted
    10/01/2024, 04:22

General

  • Target

    4f91615b8db0ce53bcf288a4d3358237.exe

  • Size

    84KB

  • MD5

    4f91615b8db0ce53bcf288a4d3358237

  • SHA1

    e003f7b283535dbd421e75071b8b9a4f46aace47

  • SHA256

    6f856e8def398a19848dd7642e86a67eb6dccd1be63302abdf6a9715187191db

  • SHA512

    f943a28d37ca34236c2f5f53b65d59cd3c0fa5b3b9a26c00abda4567708b4886b3167c04b00a3b7191260e9fcb3d3941109c96bc65b8f8500678fad19a38dee6

  • SSDEEP

    1536:4hLPpTFsdgfVTWoz4uSBrTEV8p9MtjeFAo:4NPpadCVTWoz4uWwBtyFAo

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 1 IoCs
  • Adds Run key to start application 2 TTPs 1 IoCs
  • Suspicious behavior: EnumeratesProcesses 2 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\4f91615b8db0ce53bcf288a4d3358237.exe
    "C:\Users\Admin\AppData\Local\Temp\4f91615b8db0ce53bcf288a4d3358237.exe"
    • Loads dropped DLL
    • Adds Run key to start application
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of SetWindowsHookEx
    PID:2316

Network

MITRE ATT&CK Enterprise v15

Downloads

  • \Users\Admin\AppData\Local\Temp\mhs2.dll

    Filesize

    44KB

    MD5

    ced383d363fd6ae89b29daec251e1ef9

    SHA1

    f7010c8ffcb470e43411acb82f10f7a157fde45e

    SHA256

    0044357ed10dc8083b80aa13af68e974856fe9d8853700a7649fb21b75690d17

    SHA512

    04f287f3625eb8dc906c24359224e505a6ace461acc2a956a81a71ef48d70d68399a68f464a254d3edb4ae68c909e1c8988c4bd87aaf3f0c6cb06d4c995ef5a7