Overview

overview

5

Static

static

3

7d88b9eeed...3e.exe

windows7-x64

5

7d88b9eeed...3e.exe

windows10-2004-x64

5

Analysis

  • max time kernel
    122s
  • max time network
    125s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    28-01-2024 17:07

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    7d88b9eeed6b4aee5c36d31ff6aa383e.exe

  • Size

    281KB

  • MD5

    7d88b9eeed6b4aee5c36d31ff6aa383e

  • SHA1

    47d3ce4a35da51d624a1fdd3de0edc6b605f6162

  • SHA256

    aad5ae8b10868548e523d9394066ca957a048342217075a6aa689cba091677de

  • SHA512

    a380454d09f39e510d86963fe433d9500cf471232632bab4af3f8323b758594537e659944f1863d7efe23c56a43e9a00e2f6148791270b8d51eef6c40531f0f6

  • SSDEEP

    6144:uCT6tqpRv7Va5qSirHJbLNyzZQFjLSu1QinB/:Lv7QA1HJb5yzqRSu1QiB/

Score
5/10

Malware Config

Signatures

  • Suspicious use of SetThreadContext 1 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs
  • Suspicious use of WriteProcessMemory 9 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\7d88b9eeed6b4aee5c36d31ff6aa383e.exe
    "C:\Users\Admin\AppData\Local\Temp\7d88b9eeed6b4aee5c36d31ff6aa383e.exe"
    1⤵
    • Suspicious use of SetThreadContext
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1740
    • C:\Users\Admin\AppData\Local\Temp\7d88b9eeed6b4aee5c36d31ff6aa383e.exe
      "C:\Users\Admin\AppData\Local\Temp\7d88b9eeed6b4aee5c36d31ff6aa383e.exe"
      2⤵
        PID:2432

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/1740-2-0x0000000000400000-0x0000000000447000-memory.dmp

      Filesize

      284KB

      Download

    • memory/1740-3-0x0000000000400000-0x0000000000447000-memory.dmp

      Filesize

      284KB

      Download

    • memory/1740-5-0x00000000003F0000-0x00000000003F1000-memory.dmp

      Filesize

      4KB

      Download

    • memory/1740-4-0x00000000003D0000-0x00000000003D1000-memory.dmp

      Filesize

      4KB

      Download

    • memory/1740-6-0x0000000001C50000-0x0000000001C51000-memory.dmp

      Filesize

      4KB

      Download

    • memory/1740-19-0x0000000000400000-0x0000000000447000-memory.dmp

      Filesize

      284KB

      Download

    • memory/2432-13-0x0000000000400000-0x0000000000439000-memory.dmp

      Filesize

      228KB

      Download

    • memory/2432-9-0x0000000000400000-0x0000000000439000-memory.dmp

      Filesize

      228KB

      Download

    • memory/2432-11-0x0000000000400000-0x0000000000439000-memory.dmp

      Filesize

      228KB

      Download

    • memory/2432-15-0x000000007EFDE000-0x000000007EFDF000-memory.dmp

      Filesize

      4KB

      Download

    • memory/2432-17-0x0000000000400000-0x0000000000439000-memory.dmp

      Filesize

      228KB

      Download

    • memory/2432-7-0x0000000000400000-0x0000000000439000-memory.dmp

      Filesize

      228KB

      Download

    • memory/2432-20-0x0000000000400000-0x0000000000439000-memory.dmp

      Filesize

      228KB

      Download

    • memory/2432-22-0x0000000000400000-0x0000000000439000-memory.dmp

      Filesize

      228KB

      Download

    • memory/2432-21-0x0000000000270000-0x0000000000271000-memory.dmp

      Filesize

      4KB

      Download

    • memory/2432-24-0x0000000000400000-0x0000000000439000-memory.dmp

      Filesize

      228KB

      Download

    • memory/2432-26-0x0000000000270000-0x0000000000271000-memory.dmp

      Filesize

      4KB

      Download

    • memory/2432-28-0x0000000000400000-0x0000000000439000-memory.dmp

      Filesize

      228KB

      Download

    • memory/2432-30-0x0000000000400000-0x0000000000439000-memory.dmp

      Filesize

      228KB

      Download