2fed027d5ba93dee5b44fa3fcaf1c16fd66d9a89c93820f7debf332da8da9f16

Analysis

max time kernel
120s
max time network
126s
platform
windows7_x64
resource
win7-20231215-en
resource tags

arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
submitted
13/01/2024, 02:16

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

57b8fd4c3dc79fea7d99dc5cf417726d.exe
Size

587KB
MD5

57b8fd4c3dc79fea7d99dc5cf417726d
SHA1

611c822f34d404aabbe2683ee4fc313db4c6eaf3
SHA256

2fed027d5ba93dee5b44fa3fcaf1c16fd66d9a89c93820f7debf332da8da9f16
SHA512

85e96c144df55bc8aec9852a315a68fe72fa13c56a877faa058ef6d9d1ebfab7576036cea3391c577f616865247f58e9ca8bbb07763d5d517482f057c3431759
SSDEEP

12288:gtOSJpWFJj39z5PTLEo/83hUCsBfAnJ42wArLFXR4r:gt1Pc39zpT3/qRMom2wAFXu

Score

1^/10

Malware Config

Signatures

Modifies Internet Explorer settings 1 TTPs 1 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-452311807-3713411997-1028535425-1000\Software\Microsoft\Internet Explorer\Main	57b8fd4c3dc79fea7d99dc5cf417726d.exe

Suspicious use of SetWindowsHookEx 2 IoCs

pid	Process
1724	57b8fd4c3dc79fea7d99dc5cf417726d.exe
1724	57b8fd4c3dc79fea7d99dc5cf417726d.exe

C:\Users\Admin\AppData\Local\Temp\57b8fd4c3dc79fea7d99dc5cf417726d.exe
"C:\Users\Admin\AppData\Local\Temp\57b8fd4c3dc79fea7d99dc5cf417726d.exe"
1⤵
- Modifies Internet Explorer settings
- Suspicious use of SetWindowsHookEx
PID:1724

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1724-0-0x00000000003C0000-0x00000000003C1000-memory.dmp

Filesize
4KB

Download
memory/1724-11-0x0000000000400000-0x0000000000499000-memory.dmp

Filesize
612KB

Download