Analysis
-
max time kernel
122s -
max time network
125s -
platform
windows7_x64 -
resource
win7-20231215-en -
resource tags
-
submitted
24/01/2024, 03:11
General
-
Target
99284e8cfe9f19cd5ed4d07071ff533d.exe
-
Size
271KB
-
MD5
99284e8cfe9f19cd5ed4d07071ff533d
-
SHA1
80ce3c149c526f143252a6ca1d537a37d01b4c63
-
SHA256
32ca0cfae7d4735d63cd8d29b43db5e7421ef4a48fd15e45d8ece92209c5ce7e
-
SHA512
e6012c19f4da30c17cda03cdd71e18549ad68e066c4c6c36bbbb2651dc60cdd273f1b1924315c35a1938fac4fcc0c75f554cc024182c10c358ae380a520bf949
-
SSDEEP
3072:lxUm75Fku3eKeO213SJReOqdmErj+HyHnNVIPL/+ybbiW1u46Q7qV3lU8xM:fU8Dk11CJ1qDWUNVIT/bblS9x
Score
7/10
Malware Config
Signatures
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 2 IoCs
-
Drops file in Program Files directory 2 IoCs
-
Suspicious use of SetWindowsHookEx 8 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\99284e8cfe9f19cd5ed4d07071ff533d.exe"C:\Users\Admin\AppData\Local\Temp\99284e8cfe9f19cd5ed4d07071ff533d.exe"1⤵
- Loads dropped DLL
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
-
C:\Program Files\present\alternatives.exe"C:\Program Files\present\alternatives.exe" "33201"2⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
271KB
MD556273db54af854dab07a17dfe95f2442
SHA110f2e6ac11c1fcd33a0f6d909c4d6f943902c85c
SHA2562e32338c2c06d148fe909f320c447f26abf987994e8e7c3fab554a5a08292941
SHA5121551d6d99055c9a5e4761a78a9c35cbf4b9cf8672570535f66b16a878e8d4c7b19e7abbff59595189657cf3598ce23f51e39bacefd95698678ea68062182665e