Analysis

  • max time kernel
    111s
  • max time network
    89s
  • platform
    windows11-21h2_x64
  • resource
    win11-20231215-en
  • resource tags

    arch:x64, arch:x86, image:win11-20231215-en, locale:en-us, os:windows11-21h2-x64, system
  • submitted
    24/01/2024, 13:23

General

  • Target

    alphares_x64.exe

  • Size

    533KB

  • MD5

    305a80f15034dd96fb8a31ca54d3e675

  • SHA1

    7d0a5c6e493069418f82ea724e4d654a2cd1370d

  • SHA256

    7c50f9615a0787084ad116f6a018360195dd73effcf2e2399b21a2d6e2dd1c51

  • SHA512

    e1df37503e067290a20b3619804f65be59007214f0ca1921da9e5bb2c5f895c21d058f90effd2231f8e7721ecee5ab0378fef52ed79156f6375eb143246698da

  • SSDEEP

    12288:OcexszYCYTNsbI3j1HBP7bJSiK44p8KzOUi05:6WUCYmbio/4Q8KzOUi05
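The digests above are what ties this report to a specific file. As an added example (not part of the report or the sandbox's own tooling), the following Python script checks a local copy of the sample against those values, computing MD5, SHA1, SHA256 and SHA512 in a single streamed pass so a large file is read once. The expected values are the ones printed for alphares_x64.exe above; the file path is an assumption taken from argv, and the SSDEEP hash is not checked because it needs the third-party ssdeep module.

```python
"""Verify a local sample against the digests listed in a sandbox report.

Added example, not part of the report above. All four digests are computed
in one pass over the input so a large file is read only once. SSDEEP is not
verified here (it needs the third-party `ssdeep` module).
"""
import hashlib
import io
import sys
from typing import BinaryIO, Dict

# Digests printed for alphares_x64.exe in the report's General section.
REPORTED = {
    "md5": "305a80f15034dd96fb8a31ca54d3e675",
    "sha1": "7d0a5c6e493069418f82ea724e4d654a2cd1370d",
    "sha256": "7c50f9615a0787084ad116f6a018360195dd73effcf2e2399b21a2d6e2dd1c51",
    "sha512": ("e1df37503e067290a20b3619804f65be59007214f0ca1921da9e5bb2c5f895c2"
               "1d058f90effd2231f8e7721ecee5ab0378fef52ed79156f6375eb143246698da"),
}

ALGORITHMS = ("md5", "sha1", "sha256", "sha512")


def digest_stream(stream: BinaryIO, chunk_size: int = 1 << 20) -> Dict[str, str]:
    """Return {algorithm: hexdigest} for every byte readable from `stream`,
    feeding each chunk to all hashers so the input is traversed once."""
    hashers = {name: hashlib.new(name) for name in ALGORITHMS}
    while True:
        chunk = stream.read(chunk_size)
        if not chunk:
            break
        for h in hashers.values():
            h.update(chunk)
    return {name: h.hexdigest() for name, h in hashers.items()}


def digest_bytes(data: bytes) -> Dict[str, str]:
    """Convenience wrapper for in-memory data (used by the self-check)."""
    return digest_stream(io.BytesIO(data))


def digest_file(path: str) -> Dict[str, str]:
    with open(path, "rb") as fh:
        return digest_stream(fh)


def compare(actual: Dict[str, str], expected: Dict[str, str]) -> Dict[str, bool]:
    """Per-algorithm match table. Keys and hex digits are compared
    case-insensitively, and only algorithms present in `expected` are
    checked, so a report that lists fewer digests still verifies."""
    return {
        name.lower(): actual.get(name.lower(), "").lower() == value.lower()
        for name, value in expected.items()
    }


def matches(actual: Dict[str, str], expected: Dict[str, str]) -> bool:
    """True only if every listed digest matches. One mismatch means the local
    bytes are not the bytes the sandbox ran, whatever the filename says."""
    table = compare(actual, expected)
    return bool(table) and all(table.values())


if __name__ == "__main__":
    # The path is an assumption: pass the local copy of the sample as argv[1].
    target = sys.argv[1] if len(sys.argv) > 1 else "alphares_x64.exe"
    results = compare(digest_file(target), REPORTED)
    for name, ok in results.items():
        print(f"{name:6s} {'match' if ok else 'MISMATCH'}")
    sys.exit(0 if all(results.values()) else 1)
```

Run it as `python verify_sample.py path/to/alphares_x64.exe`; a non-zero exit on any mismatch makes it safe to use in a pipeline that refuses to proceed with a sample that is not the one the report describes.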

Score
1/10

Malware Config

Signatures

  • Modifies registry class 1 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Both signatures are attached to MiniSearchHost.exe (PID 4748), the Windows search UI host, which appears in the process tree at the same level as the sample rather than as its child; alphares_x64.exe (PID 1624) itself triggers no signatures, which is consistent with the 1/10 score.

Processes

  • C:\Users\Admin\AppData\Local\Temp\alphares_x64.exe
    "C:\Users\Admin\AppData\Local\Temp\alphares_x64.exe"
    1⤵
      PID:1624
    • C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\MiniSearchHost.exe
      "C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\MiniSearchHost.exe" -ServerName:MiniSearchUI.AppXj3y73at8fy1htwztzxs68sxx1v7cksp7.mca
      1⤵
      • Modifies registry class
      • Suspicious use of SetWindowsHookEx
      PID:4748

Network

MITRE ATT&CK Matrix

Downloads

          • C:\Users\Admin\AppData\Local\Packages\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\TempState\SearchHoverUnifiedTileModelCache.dat

            Filesize

            10KB

            MD5

            58096116e79340a5a502fde9000cf7c6

            SHA1

            8b0aff0d427ac063614dec344012b6a0153fe977

            SHA256

            d8109c024826ba31fc8911a7734e1eb6bc6604a59089704889605eac3092db9d

            SHA512

            733618dbaeba6a78b7d54f96fe2006356ed3703b8696d4d6965e5e96034999cb2cfd86666ef547630582c9aecea4b1d992293831b160509b1cd22410d5b3d0f9

          • C:\Users\Admin\AppData\Local\Packages\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\TempState\~earchHoverUnifiedTileModelCache.tmp

            Filesize

            10KB

            MD5

            6161ba819ac59da1270c7f24382f58e6

            SHA1

            2689c6fd62b4c7361f35dbe08113518e0dfd6484

            SHA256

            07ffc963782496256866fd4b088de7c3c6d0a0c59a4d6ef658eedc8cd74dfa06

            SHA512

            e21cf62ba7e2639abb0b5761e26ae45bf360ef7999b643ec4ff21907944d4735d19007d5a78d21b74f1bff936e4c7844549e46ce84a40e87441778470264e3cf

          • memory/1624-18-0x00007FF6F6A40000-0x00007FF6F6ACB000-memory.dmp

            Filesize

            556KB