Analysis

  • max time kernel
    140s
  • max time network
    118s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64, arch:x86, image:win7-20231215-en, locale:en-us, os:windows7-x64, system
  • submitted
    10/01/2024, 20:47

General

  • Target

    51948ff549e2ac216e80a02b5e0dc3b5.exe

  • Size

    20KB

  • MD5

    51948ff549e2ac216e80a02b5e0dc3b5

  • SHA1

    e0f02246eda54dc76135bd2bd548309e5a312094

  • SHA256

    5e12f4df428d76818ebec04d7083af072aaee5fc9e700927f3d9a90f60f8acf7

  • SHA512

    4c8760eb9ab6221b738df077f61fcb1bd893b5d0e89470fce64ad8d1e602f9f899f978426ae4cec6f83d0ebd4379d021881aac68ef406973f4cad4243c5c74b7

  • SSDEEP

    384:E9silEV9jb4uFBl1IRcVOJHm4j+KRRJ3pyFpiOLJb:kirb4uFn1IOy5+KRPmpiOLJb

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 1 IoCs
  • Suspicious behavior: EnumeratesProcesses 3 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\51948ff549e2ac216e80a02b5e0dc3b5.exe
    "C:\Users\Admin\AppData\Local\Temp\51948ff549e2ac216e80a02b5e0dc3b5.exe"
    • Loads dropped DLL
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of SetWindowsHookEx
    PID:2692

Network

        MITRE ATT&CK Matrix

        Downloads

        • \Users\Admin\AppData\Local\Temp\WowInitcode.dat

          Filesize

          22KB

          MD5

          930a57ca5cd1d2c159c2bbadc3a61cb6

          SHA1

          6acaecfd415778136e8fc5f5ca407adcb61724f1

          SHA256

          0ea320c2f4290ad6a74a7e7a428886d18e698dc4d0d9ac829405108a1e2e5623

          SHA512

          ac8290b0f249cd7bd5c0e0aad01b54a240f6e67f9c4971a6401f6e4a54f9a6e98ac8fef178ac3c13deacd482577a3b97dfca0044bb4fb484da502eb1075e09b7

        • memory/2692-0-0x0000000000400000-0x000000000040E000-memory.dmp

          Filesize

          56KB

        • memory/2692-6-0x0000000000400000-0x000000000040E000-memory.dmp

          Filesize

          56KB