Overview

overview

7

Static

static

3

ace35a7519...d4.exe

windows7-x64

7

ace35a7519...d4.exe

windows10-2004-x64

7

$PLUGINSDI...nt.dll

windows7-x64

3

$PLUGINSDI...nt.dll

windows10-2004-x64

3

$PLUGINSDI...ge.dll

windows7-x64

3

$PLUGINSDI...ge.dll

windows10-2004-x64

3

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...te.dll

windows7-x64

1

$PLUGINSDI...te.dll

windows10-2004-x64

1

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDIR/inetc.dll

windows7-x64

3

$PLUGINSDIR/inetc.dll

windows10-2004-x64

3

$TEMP/nsisos.dll

windows7-x64

1

$TEMP/nsisos.dll

windows10-2004-x64

1

AddScheduler.exe

windows7-x64

1

AddScheduler.exe

windows10-2004-x64

1

AddScheduler_.exe

windows7-x64

1

AddScheduler_.exe

windows10-2004-x64

1

DrBoan.exe

windows7-x64

3

DrBoan.exe

windows10-2004-x64

7

DrBoanMon.exe

windows7-x64

3

DrBoanMon.exe

windows10-2004-x64

3

DrBoancfg.exe

windows7-x64

3

DrBoancfg.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    93s
  • max time network
    127s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240226-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
  • submitted
    28/02/2024, 21:23

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    AddScheduler_.exe

  • Size

    383KB

  • MD5

    d039b1ad2817d551bf0f9e0f5f5a6321

  • SHA1

    f83fb915221379efcc5c7137e841611c885d690e

  • SHA256

    bb525c7b4ac418d3307ff61597c5c64dc65a3eada37b3fcebe084242418a6be0

  • SHA512

    0caa7260a64e9d5ab9c4306e274e11d90f396382a665420e1409d83f815cb318eda04755255e138ab6db8854763915fc35787bc40d360b39ede7a2e3cd5d523b

  • SSDEEP

    6144:l7GS1D7K18xPMQvF01cwaP0SCS8GMSQSlgTJ9Of+F/p/uwONct43D92Uo:Y8xPvv9P0SCS84l+TJ959pGHNu4B2Uo

Score
1/10

Malware Config

Signatures

  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\AddScheduler_.exe
    "C:\Users\Admin\AppData\Local\Temp\AddScheduler_.exe"
    1⤵
    • Suspicious use of SetWindowsHookEx
    PID:4160

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads