e777266c9eacd94d02816c17f8e07e8328ea500ac0a63d61432562750cad74c7

Analysis

max time kernel
2s
max time network
109s
platform
windows10-2004_x64
resource
win10v2004-20231222-en
resource tags

arch:x64arch:x86image:win10v2004-20231222-enlocale:en-usos:windows10-2004-x64system
submitted
11/01/2024, 15:10

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

53da0dbb6f1cea304568b278d1a1d098.exe
Size

92KB
MD5

53da0dbb6f1cea304568b278d1a1d098
SHA1

9ff7df46a012aadd8b2f05478b1ca792b00e2a97
SHA256

e777266c9eacd94d02816c17f8e07e8328ea500ac0a63d61432562750cad74c7
SHA512

61fe2b925a0237797e8ffa5f9d2879ff5f40ba61e03aadbee1bc8728294e7a152ef326e7aaebd7438b358bde21179fe6f0ff021b7133a18287346e79ae83a3e2
SSDEEP

1536:GWOg/+vOxt0c5hfHP1qlmv60lHj4UraTPVPSPkP4PjPAkbohaWdV7lObdEZxHwAx:GjA0c5Olmv60l3LbohaMAuwiNCP7+

Score

3^/10

Malware Config

Signatures

Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

Suspicious use of SetWindowsHookEx 1 IoCs

pid	Process
1640	53da0dbb6f1cea304568b278d1a1d098.exe

C:\Users\Admin\AppData\Local\Temp\53da0dbb6f1cea304568b278d1a1d098.exe
"C:\Users\Admin\AppData\Local\Temp\53da0dbb6f1cea304568b278d1a1d098.exe"
1⤵
- Suspicious use of SetWindowsHookEx
PID:1640
- C:\Users\Admin\geouduq.exe
  "C:\Users\Admin\geouduq.exe"
  2⤵
  PID:1688

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\geouduq.exe

Filesize
92KB

MD5
a57534a1662ff75433a0933419852e80

SHA1
319530c1a66c5ade2d6018d519963545009a21fb

SHA256
41c081a87769210e20c6800404e396f01e9ea35ec6fad36f88573e47092ff5b1

SHA512
0aa12ba1f2438023eab212164153a96f8d048fac76a8d1e44760dcd80bdf01a82e57d3206a1b7d39c11eeb76104c8a076c435fc07d3410329169dc4ff27cd8e2

Download Submit