Overview

overview

10

Static

static

3

7516c98108...a1.exe

windows7-x64

8

7516c98108...a1.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    119s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    25-01-2024 17:26

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    7516c9810867a33c21e80acac0a9b2a1.exe

  • Size

    2.6MB

  • MD5

    7516c9810867a33c21e80acac0a9b2a1

  • SHA1

    a23c21abab0afa3a1d0ae727f1666c303fd0b058

  • SHA256

    484349ea079bd611210283171441c46fe9461fb93f9ec7b7ce5757eb1892f0b3

  • SHA512

    5ff730f07423bb201634cd6f8504682e3927b7861bc16a0aded3d956da4abf3bb0f062d1c0f52018fb998d139fb4a4b6c03c383958116f314662ac50ce905412

  • SSDEEP

    12288:R2kKjkC+2BJ+iEpb7Pzz/KlRZFHb+uRB7Q5Sdn:Ro/+x7PzzSlRZFHb+GRQ5Sd

Score
8/10
evasion

Malware Config

Signatures

  • Disables Task Manager via registry modification
    evasion
  • Drops file in System32 directory 2 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\7516c9810867a33c21e80acac0a9b2a1.exe
    "C:\Users\Admin\AppData\Local\Temp\7516c9810867a33c21e80acac0a9b2a1.exe"
    1⤵
    • Drops file in System32 directory
    • Suspicious use of SetWindowsHookEx
    PID:2508

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Windows\SysWOW64\Skunk.exe
    Filesize

    2.6MB

    MD5

    7516c9810867a33c21e80acac0a9b2a1

    SHA1

    a23c21abab0afa3a1d0ae727f1666c303fd0b058

    SHA256

    484349ea079bd611210283171441c46fe9461fb93f9ec7b7ce5757eb1892f0b3

    SHA512

    5ff730f07423bb201634cd6f8504682e3927b7861bc16a0aded3d956da4abf3bb0f062d1c0f52018fb998d139fb4a4b6c03c383958116f314662ac50ce905412

    Download Submit

  • memory/2508-0-0x0000000000400000-0x0000000000696000-memory.dmp

    Filesize

    2.6MB

    Download