Overview

overview

7

Static

static

3

6525d0dcd0...6e.exe

windows7-x64

7

6525d0dcd0...6e.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    120s
  • max time network
    121s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags

    arch:x64arch:x86image:win7-20231129-enlocale:en-usos:windows7-x64system
  • submitted
    18/01/2024, 10:21

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    6525d0dcd0ad8d475a84bcba76ba906e.exe

  • Size

    281KB

  • MD5

    6525d0dcd0ad8d475a84bcba76ba906e

  • SHA1

    aa85fcf9a66836a4f2bdc19b21ff0c99f4609064

  • SHA256

    219f5d186f852763ca5b4f5f98f7aae90a386d8ff878ae8ffb28257bc2f1f997

  • SHA512

    8f04f024e9a8b55701424b37560c4a50d50fee07fe6fab92a1519f7517335f7cacf40dcdb2b57c8daed2c13d57ba3bbdb0c21ef75a397e871c44ee5e95418926

  • SSDEEP

    6144:Rrke6Y0JQBkQRl7174NpNUM+UHs+7iofqRRYGBz0tuUIHMy8J3Re:Rrke63yRl1uqM+gs+moa1VfBye

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 3 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\6525d0dcd0ad8d475a84bcba76ba906e.exe
    "C:\Users\Admin\AppData\Local\Temp\6525d0dcd0ad8d475a84bcba76ba906e.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious behavior: GetForegroundWindowSpam
    PID:2860

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • \Users\Admin\AppData\Local\Temp\TsuE8E3343F.dll
    Filesize

    269KB

    MD5

    af7ce801c8471c5cd19b366333c153c4

    SHA1

    4267749d020a362edbd25434ad65f98b073581f1

    SHA256

    cf7e00ba429bc9f27ccfacc49ae367054f40ada6cede9f513cc29a24e88bf49e

    SHA512

    88655bd940e9b540c4df551fe68135793eceed03f94389b0654637a18b252bf4d3ef73b0c49548b5fa6ba2cf6d9aff79335c4ebcc0b668e008bcc62c40d2a73c

    Download Submit

  • \Users\Admin\AppData\Local\Temp\{2B662C35-801C-4161-A38A-C83EF0850EC3}\Custom.dll
    Filesize

    58KB

    MD5

    d978ab14b923dfb05649495d8b15d2a2

    SHA1

    a4dd1a7cff3ea0dc8477067d5c46f80d6929cd6a

    SHA256

    df56060c9f5b7dd71487873ebb1bb0a695c0e61be67984602084d2d04ae9eb96

    SHA512

    aff35ca8ac67b4a857497ca0c1b501d619dc9d08b978ca0a303089d52dbcd7e1a207724d9cca76bcc9200e3e3736672a838e3caf995b4f0e537b206471a2a1ad

    Download Submit

  • \Users\Admin\AppData\Local\Temp\{2B662C35-801C-4161-A38A-C83EF0850EC3}\_Setup.dll
    Filesize

    145KB

    MD5

    dcb9a8355be913b52d77c9040141cd3c

    SHA1

    dca3c3c7249d5d0e77aed597893d0620d39da9d8

    SHA256

    d48a10c2e3ca2f9bd8d3daa8948c51b7d1a6a459e755c03964b0b1c2a78d0454

    SHA512

    7200f4ddcae9b12cc7feff9d92f2e32b7efd351c096b47cf7aef5cbdd3aca62181485941c53ac393610d27e2503f1e8eed05610e61c9d18d945eaa79fe395484

    Download Submit