eda36078e21f3f5788badb1e26dfd07f775becfc8c16a4ae4eda88be25f746d1

Analysis

max time kernel
144s
max time network
145s
platform
windows10-2004_x64
resource
win10v2004-20231222-en
resource tags

arch:x64arch:x86image:win10v2004-20231222-enlocale:en-usos:windows10-2004-x64system
submitted
04-02-2024 11:50

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

8f1535281df97440df99312fd9ddefbe.exe
Size

4.9MB
MD5

8f1535281df97440df99312fd9ddefbe
SHA1

87aadf12e680a2fdc2484e0ff6a7e0c16a82db29
SHA256

eda36078e21f3f5788badb1e26dfd07f775becfc8c16a4ae4eda88be25f746d1
SHA512

db199f76dd9a0f494a2909c09914d66698eb2d99e790627ca34a0545730d4edf77fdabe316655927bea48be06bdced186350ac7efcfc9c4b5e47972c87d7457f
SSDEEP

49152:EQFRHrmQG+yGwmQG+yG3QG+eQG+yGwRG3QG+eQG++3QG+uWrmQG+yGw9www+:EcKo0h8hdTd

Score

7^/10

Malware Config

Signatures

Executes dropped EXE 1 IoCs

pid	Process
3364	fslqx.exe

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
3364	fslqx.exe

Suspicious use of SendNotifyMessage 1 IoCs

pid	Process
3364	fslqx.exe

Suspicious use of SetWindowsHookEx 2 IoCs

pid	Process
3364	fslqx.exe
3364	fslqx.exe

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 1112 wrote to memory of 3364	1112	8f1535281df97440df99312fd9ddefbe.exe	88
PID 1112 wrote to memory of 3364	1112	8f1535281df97440df99312fd9ddefbe.exe	88
PID 1112 wrote to memory of 3364	1112	8f1535281df97440df99312fd9ddefbe.exe	88

C:\Users\Admin\AppData\Local\Temp\8f1535281df97440df99312fd9ddefbe.exe
"C:\Users\Admin\AppData\Local\Temp\8f1535281df97440df99312fd9ddefbe.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:1112
- C:\Users\Admin\AppData\Local\Temp\fslqx.exe
  C:\Users\Admin\AppData\Local\Temp\fslqx.exe -run C:\Users\Admin\AppData\Local\Temp\8f1535281df97440df99312fd9ddefbe.exe
  2⤵
  - Executes dropped EXE
  - Suspicious use of FindShellTrayWindow
  - Suspicious use of SendNotifyMessage
  - Suspicious use of SetWindowsHookEx
  PID:3364

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Temp\fslqx.exe

Filesize
239KB

MD5
c2d0b24d0afc7d646134931136838d9f

SHA1
8508c9aa9261c01bfecf5ba2da2684785581e382

SHA256
1016b0c0b44a93113ac8fa0eb47738cc08940a0b810df2c04063a86c57e72019

SHA512
6953f5bb2d160e9ef38a5f5eb3e12af412144515621f34cffd14cab3fda1ccb533d12d27d64b7abc8cee9e632e87f747273850fd7d1081ffa294fc80ef6b440b

Download Submit
C:\Users\Admin\AppData\Local\Temp\fslqx.exe

Filesize
176KB

MD5
f20a92e54b5d60d10f5e13dce8605d9e

SHA1
ffd34f258e302adc9f46c47549c3e9b5bd90b714

SHA256
d360231976bc49cfb4a8e08d1fb30bab2fcb0b6aba89e94883dd6a506eb798d4

SHA512
f7ed0baa8a80a58ec68c483da9f1632d890947b210a8b30928b4614a3294edf9f450f3bf23c5c392ba511e2adca5d3f819667d43c8063239ade1b7efcdfa7a96

Download Submit
memory/1112-10-0x0000000002380000-0x0000000002381000-memory.dmp

Filesize
4KB

Download
memory/1112-29-0x0000000002E60000-0x0000000002F60000-memory.dmp

Filesize
1024KB

Download
memory/1112-16-0x00000000023E0000-0x00000000023E1000-memory.dmp

Filesize
4KB

Download
memory/1112-15-0x0000000002420000-0x0000000002421000-memory.dmp

Filesize
4KB

Download
memory/1112-32-0x0000000002E60000-0x0000000002F60000-memory.dmp

Filesize
1024KB

Download
memory/1112-31-0x0000000002E60000-0x0000000002F60000-memory.dmp

Filesize
1024KB

Download
memory/1112-34-0x0000000002E60000-0x0000000002F60000-memory.dmp

Filesize
1024KB

Download
memory/1112-40-0x0000000002E60000-0x0000000002E61000-memory.dmp

Filesize
4KB

Download
memory/1112-43-0x0000000002330000-0x0000000002380000-memory.dmp

Filesize
320KB

Download
memory/1112-4-0x0000000000850000-0x0000000000851000-memory.dmp

Filesize
4KB

Download
memory/1112-42-0x0000000002E60000-0x0000000002E61000-memory.dmp

Filesize
4KB

Download
memory/1112-5-0x0000000000880000-0x0000000000881000-memory.dmp

Filesize
4KB

Download
memory/1112-6-0x00000000006F0000-0x00000000006F1000-memory.dmp

Filesize
4KB

Download
memory/1112-39-0x0000000002E60000-0x0000000002E61000-memory.dmp

Filesize
4KB

Download
memory/1112-7-0x0000000000870000-0x0000000000871000-memory.dmp

Filesize
4KB

Download
memory/1112-0-0x0000000000400000-0x0000000000536000-memory.dmp

Filesize
1.2MB

Download
memory/1112-8-0x00000000023A0000-0x00000000023A1000-memory.dmp

Filesize
4KB

Download
memory/1112-13-0x0000000002400000-0x0000000002401000-memory.dmp

Filesize
4KB

Download
memory/1112-41-0x0000000000400000-0x0000000000536000-memory.dmp

Filesize
1.2MB

Download
memory/1112-3-0x0000000000860000-0x0000000000861000-memory.dmp

Filesize
4KB

Download
memory/1112-9-0x0000000002DB0000-0x0000000002DB1000-memory.dmp

Filesize
4KB

Download
memory/1112-12-0x0000000002440000-0x0000000002441000-memory.dmp

Filesize
4KB

Download
memory/1112-14-0x00000000023F0000-0x00000000023F1000-memory.dmp

Filesize
4KB

Download
memory/1112-18-0x0000000002410000-0x0000000002411000-memory.dmp

Filesize
4KB

Download
memory/1112-19-0x0000000002460000-0x0000000002461000-memory.dmp

Filesize
4KB

Download
memory/1112-20-0x0000000002470000-0x0000000002471000-memory.dmp

Filesize
4KB

Download
memory/1112-21-0x0000000002500000-0x0000000002501000-memory.dmp

Filesize
4KB

Download
memory/1112-22-0x00000000024C0000-0x00000000024C1000-memory.dmp

Filesize
4KB

Download
memory/1112-23-0x00000000024B0000-0x00000000024B1000-memory.dmp

Filesize
4KB

Download
memory/1112-24-0x00000000024E0000-0x00000000024E1000-memory.dmp

Filesize
4KB

Download
memory/1112-25-0x00000000024A0000-0x00000000024A1000-memory.dmp

Filesize
4KB

Download
memory/1112-26-0x00000000024D0000-0x00000000024D1000-memory.dmp

Filesize
4KB

Download
memory/1112-27-0x00000000024F0000-0x00000000024F1000-memory.dmp

Filesize
4KB

Download
memory/1112-28-0x0000000002D90000-0x0000000002D96000-memory.dmp

Filesize
24KB

Download
memory/1112-11-0x0000000002DA0000-0x0000000002DA2000-memory.dmp

Filesize
8KB

Download
memory/1112-30-0x0000000002E60000-0x0000000002F60000-memory.dmp

Filesize
1024KB

Download
memory/1112-2-0x0000000002390000-0x0000000002391000-memory.dmp

Filesize
4KB

Download
memory/1112-37-0x0000000002E60000-0x0000000002E61000-memory.dmp

Filesize
4KB

Download
memory/1112-36-0x0000000002E60000-0x0000000002E61000-memory.dmp

Filesize
4KB

Download
memory/1112-1-0x0000000002330000-0x0000000002380000-memory.dmp

Filesize
320KB

Download
memory/3364-53-0x0000000002D20000-0x0000000002E20000-memory.dmp

Filesize
1024KB

Download
memory/3364-47-0x0000000002D20000-0x0000000002E20000-memory.dmp

Filesize
1024KB

Download
memory/3364-48-0x0000000002D20000-0x0000000002E20000-memory.dmp

Filesize
1024KB

Download
memory/3364-49-0x0000000002D20000-0x0000000002E20000-memory.dmp

Filesize
1024KB

Download
memory/3364-50-0x0000000002D20000-0x0000000002E20000-memory.dmp

Filesize
1024KB

Download
memory/3364-51-0x0000000002D20000-0x0000000002E20000-memory.dmp

Filesize
1024KB

Download
memory/3364-54-0x0000000002D20000-0x0000000002E20000-memory.dmp

Filesize
1024KB

Download
memory/3364-55-0x0000000002D20000-0x0000000002E20000-memory.dmp

Filesize
1024KB

Download
memory/3364-56-0x0000000002D20000-0x0000000002E20000-memory.dmp

Filesize
1024KB

Download
memory/3364-57-0x0000000002D20000-0x0000000002E20000-memory.dmp

Filesize
1024KB

Download
memory/3364-66-0x0000000002D20000-0x0000000002E20000-memory.dmp

Filesize
1024KB

Download
memory/3364-68-0x0000000002D20000-0x0000000002E20000-memory.dmp

Filesize
1024KB

Download
memory/3364-67-0x0000000002D20000-0x0000000002E20000-memory.dmp

Filesize
1024KB

Download
memory/3364-65-0x0000000002D20000-0x0000000002E20000-memory.dmp

Filesize
1024KB

Download
memory/3364-64-0x0000000002D20000-0x0000000002E20000-memory.dmp

Filesize
1024KB

Download
memory/3364-63-0x0000000002D20000-0x0000000002E20000-memory.dmp

Filesize
1024KB

Download
memory/3364-62-0x0000000002D20000-0x0000000002E20000-memory.dmp

Filesize
1024KB

Download
memory/3364-58-0x0000000002D20000-0x0000000002E20000-memory.dmp

Filesize
1024KB

Download
memory/3364-61-0x0000000002D20000-0x0000000002E20000-memory.dmp

Filesize
1024KB

Download
memory/3364-60-0x0000000002D20000-0x0000000002E20000-memory.dmp

Filesize
1024KB

Download
memory/3364-59-0x0000000002D20000-0x0000000002E20000-memory.dmp

Filesize
1024KB

Download
memory/3364-52-0x0000000002D20000-0x0000000002E20000-memory.dmp

Filesize
1024KB

Download
memory/3364-45-0x0000000002C70000-0x0000000002C71000-memory.dmp

Filesize
4KB

Download
memory/3364-46-0x0000000002C50000-0x0000000002C56000-memory.dmp

Filesize
24KB

Download
memory/3364-44-0x0000000002C70000-0x0000000002C71000-memory.dmp

Filesize
4KB

Download
memory/3364-93-0x0000000000400000-0x0000000000536000-memory.dmp

Filesize
1.2MB

Download