Analysis

  • max time kernel
    117s
  • max time network
    120s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

arch:x64, arch:x86, image:win7-20231215-en, locale:en-us, os:windows7-x64, system
  • submitted
    25-01-2024 17:27

General

  • Target

    7517ac4bbdde7bd77fe83fe6af2b2657.exe

  • Size

    412KB

  • MD5

    7517ac4bbdde7bd77fe83fe6af2b2657

  • SHA1

    da89c51abd0eed3afa21fc09b33313edea8a4aa6

  • SHA256

    f17ad2d39f922fa8f2f888954e6783349afbdaa205f60318cfec4561e1d9fc9d

  • SHA512

    e15c49dab3bd5fb97981891569071e543b555c9f21d9c2e3be5a88b17e4b42feae1492390b32542f782f5e603863cc155ffecb9a5118a83f5a2cb0f6e161de00

  • SSDEEP

    6144:g7f6p0X4qumAxSRLnoPhL20gKc1ilJPZNkCLNr3Kr/u2x58uncuCKWYyYCcFV4ry:Pp06UI9gKcaLLSdCKqYCemfxDIz

Score
8/10

Malware Config

Signatures

  • Drops file in Drivers directory 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 2 IoCs
  • Drops file in Program Files directory 1 IoCs
  • Suspicious use of SetWindowsHookEx 8 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\7517ac4bbdde7bd77fe83fe6af2b2657.exe
    "C:\Users\Admin\AppData\Local\Temp\7517ac4bbdde7bd77fe83fe6af2b2657.exe"
    1⤵
    • Drops file in Drivers directory
    • Loads dropped DLL
    • Drops file in Program Files directory
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1308
    • \??\c:\program files\Realplayer\Sample\GetVersion.exe
      "c:\program files\Realplayer\Sample\GetVersion.exe" "33201"
      2⤵
      • Executes dropped EXE
      • Suspicious use of SetWindowsHookEx
      PID:2812

Network

MITRE ATT&CK Matrix

Downloads

  • \Program Files\Realplayer\Sample\GetVersion.exe
    Filesize

    412KB

    MD5

    f1eb84f9cae6529a6c28d5f9e7ef0dd2

    SHA1

    113be7d1d14800122d68c50f3b2d3c67197a5099

    SHA256

    cc80546ac0f0e898cdcab073770957a6bfcc48b4709679cf6f3bf6fe2fec6a55

    SHA512

    43c5e51e184236560bf651568047825d8230ec49e55898fab9c130cf0b7e1ce2aaf6ac4e05ed8e77b730d9b435f75ebfb5b306f5b98e256b6ecaca9ca717827a
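The Processes and Downloads sections above are the operational part of this report: the submitted sample writes GetVersion.exe under Program Files and then runs it with the argument "33201", and the dropped file has its own hash set (same 412KB size as the parent, different hashes). The following script, an added example that is not part of the sandbox report, turns those two sections into a small offline sweep: it matches file contents against the report's hashes using the strongest hash each IOC entry carries, and it correlates the process tree with the dropped-file list to reproduce what the "Executes dropped EXE" signature flags. The hashes, paths, PIDs and command lines are copied from the report; the path-normalization rule (strip the NT `\??\` prefix and the drive letter, lowercase the rest) and the sample bytes used when calling it are the author's own assumptions, not data from the page.

```python
"""IOC sweep built from the sandbox report above (added example, not report output)."""
import hashlib
import re

# Hashes copied from the report's General (submitted sample) and Downloads
# (dropped file) sections. SHA512 is omitted only to keep the table short.
IOC_HASHES = {
    "submitted 7517ac4bbdde7bd77fe83fe6af2b2657.exe": {
        "md5": "7517ac4bbdde7bd77fe83fe6af2b2657",
        "sha1": "da89c51abd0eed3afa21fc09b33313edea8a4aa6",
        "sha256": "f17ad2d39f922fa8f2f888954e6783349afbdaa205f60318cfec4561e1d9fc9d",
    },
    "dropped GetVersion.exe": {
        "md5": "f1eb84f9cae6529a6c28d5f9e7ef0dd2",
        "sha1": "113be7d1d14800122d68c50f3b2d3c67197a5099",
        "sha256": "cc80546ac0f0e898cdcab073770957a6bfcc48b4709679cf6f3bf6fe2fec6a55",
    },
}

# Process tree copied from the report: (depth, image path, command line, PID).
# Note the child image is reported in NT form (\??\c:\...) while the Downloads
# section lists the same file drive-less (\Program Files\...).
PROCESS_TREE = [
    (1, r"C:\Users\Admin\AppData\Local\Temp\7517ac4bbdde7bd77fe83fe6af2b2657.exe",
        r'"C:\Users\Admin\AppData\Local\Temp\7517ac4bbdde7bd77fe83fe6af2b2657.exe"', 1308),
    (2, r"\??\c:\program files\Realplayer\Sample\GetVersion.exe",
        r'"c:\program files\Realplayer\Sample\GetVersion.exe" "33201"', 2812),
]
DROPPED_FILES = [r"\Program Files\Realplayer\Sample\GetVersion.exe"]


def digests(data: bytes) -> dict:
    """MD5/SHA1/SHA256 of a byte string, keyed by algorithm name."""
    return {name: hashlib.new(name, data).hexdigest() for name in ("md5", "sha1", "sha256")}


def match_iocs(data: bytes, table=IOC_HASHES) -> list:
    """Return the IOC labels whose hash matches `data`.

    For each entry only the strongest hash it carries is consulted (sha256,
    then sha1, then md5); weaker hashes are never used to override a sha256
    mismatch, so a collision-prone MD5 alone cannot produce a false positive
    when a better hash is available.
    """
    seen = digests(data)
    hits = []
    for label, hashes in table.items():
        for algo in ("sha256", "sha1", "md5"):
            if algo in hashes:
                if hashes[algo] == seen[algo]:
                    hits.append(label)
                break  # strongest available hash decides; do not fall through
    return hits


def normalize_path(path: str) -> str:
    """Assumed normalization: reduce NT (\\??\\c:\\..), Win32 (C:\\..) and
    drive-less (\\Program Files\\..) spellings of one file to a single
    lowercase, drive-less form so the process tree and dropped-file list agree."""
    path = path.strip().strip('"')
    if path.startswith("\\??\\"):
        path = path[4:]
    path = re.sub(r"^[A-Za-z]:", "", path)
    return path.lower()


def dropped_and_executed(tree=PROCESS_TREE, dropped=DROPPED_FILES) -> list:
    """(pid, parent_pid, image) for every process whose image is a file the
    sample wrote to disk - the behaviour the 'Executes dropped EXE' signature
    reports. Parent PIDs are recovered from the depth column of the tree."""
    dropped_set = {normalize_path(d) for d in dropped}
    hits = []
    ancestors = []  # stack of (depth, pid)
    for depth, image, _cmdline, pid in tree:
        while ancestors and ancestors[-1][0] >= depth:
            ancestors.pop()
        parent = ancestors[-1][1] if ancestors else None
        if normalize_path(image) in dropped_set:
            hits.append((pid, parent, image))
        ancestors.append((depth, pid))
    return hits


if __name__ == "__main__":
    for pid, ppid, image in dropped_and_executed():
        print(f"dropped EXE executed: pid={pid} parent={ppid} image={image}")
    # Constructed bytes, not the sample: demonstrates a clean (no-match) sweep.
    print("matches for constructed data:", match_iocs(b"constructed test bytes"))
```

On a live host the `data` argument to `match_iocs` would be the contents of each file under the paths named in the report; the same normalization makes Sysmon or EDR image paths comparable with the sandbox's drive-less dropped-file list.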