Overview

overview

7

Static

static

3

5166c6c7d3...cb.exe

windows7-x64

7

5166c6c7d3...cb.exe

windows10-2004-x64

3

Analysis

  • max time kernel
    121s
  • max time network
    123s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags

    arch:x64arch:x86image:win7-20231129-enlocale:en-usos:windows7-x64system
  • submitted
    10/01/2024, 19:24

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    5166c6c7d3fbfdbfa93a14fe4a56d5cb.exe

  • Size

    52KB

  • MD5

    5166c6c7d3fbfdbfa93a14fe4a56d5cb

  • SHA1

    05585a0facf4496de4105471b482d723992a00f2

  • SHA256

    aef37df93fddbe3b6855b610e5834f64b3dd6af272ceb28ceaf4b62ff05d172d

  • SHA512

    e516f4c8c5c1e9f6e7e3d9202410539cfa92b3f245e384c736722d563a9f06c76f0182b129191ce92eff66a9dbe6db4b808b6419dc292beba6b75093fcc69a34

  • SSDEEP

    384:N2NOX+3oK1QSo4ZwatngZnn6UT1HJv5tNGt806Wr4:kNY+3y4ZwatgZlZHJv5s6Wr4

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Suspicious use of SetWindowsHookEx 2 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\5166c6c7d3fbfdbfa93a14fe4a56d5cb.exe
    "C:\Users\Admin\AppData\Local\Temp\5166c6c7d3fbfdbfa93a14fe4a56d5cb.exe"
    1⤵
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2928
    • C:\Windows\SysWOW64\cmd.exe
      cmd /c C:\delme4.bat
      2⤵
      • Deletes itself
      PID:2692

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\delme4.bat
          Filesize

          323B

          MD5

          596d2394535a0cccdbbf542f10c6595f

          SHA1

          8fd858845f9692aaf791973f7eaa6ef90954f8f7

          SHA256

          4d922be199ffa48cd18f5cc1e28508f4d49b578151ca04fc248741fa22cb4b0d

          SHA512

          666871aeef3ee8beee272afd63247568fba15cf836c9d942441caf00beadc13713b78388202215df522da26319ba4d544039a349c59b0caa26ca85c1922f706a

          Download Submit