Overview

overview

7

Static

static

3

b434148580...d0.exe

windows7-x64

7

b434148580...d0.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    140s
  • max time network
    120s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    05-03-2024 08:01

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    b43414858088cbc3c7020ebc6159b9d0.exe

  • Size

    36KB

  • MD5

    b43414858088cbc3c7020ebc6159b9d0

  • SHA1

    d3280744555c63e0fd65f0c482b79a4b46d597a4

  • SHA256

    08c345037bb966d8216d3a46ebc5849fbc03a98e7f717e8e4495470205cfd1aa

  • SHA512

    76f6691c0fee03afb885e32af2ef9b93b4096e345f3372e5937631848d9f093cbc9d51cbd1776e5f0c6735c3c67d9e5afa7f2c846cb9ae8700b06b4ea2a1200b

  • SSDEEP

    768:ieCTK/cC1ZQP6vF9U/fvX4zWSTntxUKHmDrm/mls3:ieCTO5c0eXXYPnwk6s3

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 1 IoCs
  • Suspicious behavior: EnumeratesProcesses 3 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\b43414858088cbc3c7020ebc6159b9d0.exe
    "C:\Users\Admin\AppData\Local\Temp\b43414858088cbc3c7020ebc6159b9d0.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of SetWindowsHookEx
    PID:1724

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • \Users\Admin\AppData\Local\Temp\WowInitcode.dll
    Filesize

    41KB

    MD5

    402ba27625fe7d3458f8f95b56104929

    SHA1

    995081ab2527d8d6047decbb4b11663e65005bd1

    SHA256

    002e2f6d5855c160549f7ad8044b94dab8bd63ce53b1ac31b403b77318510a8b

    SHA512

    dc04271ff5cc6c4b205f0f5a6855d663bb69bae753c3612278d1cb54b126a69552cadc90d6f37eff084b0f7ca355f7578631b96c3c9e532c4d85c119c3535601

    Download Submit

  • memory/1724-2-0x0000000000400000-0x0000000000420000-memory.dmp

    Filesize

    128KB

    Download

  • memory/1724-4-0x0000000000320000-0x0000000000334000-memory.dmp

    Filesize

    80KB

    Download

  • memory/1724-6-0x0000000000400000-0x0000000000420000-memory.dmp

    Filesize

    128KB

    Download

  • memory/1724-7-0x0000000000320000-0x0000000000334000-memory.dmp

    Filesize

    80KB

    Download