Analysis
-
max time kernel
41s -
max time network
42s -
platform
windows10-2004_x64 -
resource
win10v2004-20231222-en -
resource tags
-
submitted
19/02/2024, 15:51
General
-
Target
TripIt.cc hackvshack.net.exe
-
Size
1.7MB
-
MD5
a3c34ce9bf112870255400ae6d1e8f27
-
SHA1
5c84681e1b94392bd77586ae3262edbeb7e96e15
-
SHA256
9170ce02ddbd66e4133017f20126c7faac028d636fc96ebc0d4b6d5a98ce91a0
-
SHA512
e64beb2b596f13ed497bd7ee66a39a479532753f09f2a183a14143eec8a34e41c7ff55f6b21d585f5c790fd4e1733df371c01d4b01b243624fbef67ffaa7fc69
-
SSDEEP
49152:Xx3M/x6QwLpaUTFtj/AtZwgb9TA/19wNRn+n+B:BdTsLVAw
Score
7/10
Malware Config
Signatures
-
Executes dropped EXE 1 IoCs
-
Suspicious behavior: EnumeratesProcesses 34 IoCs
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
-
Suspicious use of SetWindowsHookEx 4 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\TripIt.cc hackvshack.net.exe"C:\Users\Admin\AppData\Local\Temp\TripIt.cc hackvshack.net.exe"1⤵
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\QIqPiDQMbJhviDzIlQ.exeC:\Users\Admin\AppData\Local\Temp\QIqPiDQMbJhviDzIlQ.exe2⤵
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
20KB
MD5b9b8d94afe05bad01c4207232d912154
SHA13e23df03afb2ec7817b19c0a7d89b947eac48387
SHA25651ec5c02cafe46b25e80a568cc1d1b166d77287a0494c54e8389d95024176448
SHA5128d6896e57bd7cc3eb8326dd847543175ad74f73843dd749297c2d828f08b14e8b3b16ffff7418bc9f65ab3c778ec066d69fd68a5ea0c7d28ee092256d53a52a5