5b75a8634a19ddb4bdfd24e92cd09c4481b1de39c7391319cdab26563a2663bb

Analysis

max time kernel
141s
max time network
126s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
07/03/2024, 19:01

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

b96ff0589a76eebeadc86d0729b3401c.exe
Size

673KB
MD5

b96ff0589a76eebeadc86d0729b3401c
SHA1

d691e5abe0df45d53f70f90a19dacbc9c7937614
SHA256

5b75a8634a19ddb4bdfd24e92cd09c4481b1de39c7391319cdab26563a2663bb
SHA512

0386e7567e3bf2b062c4f2a4d324d2e8f88a64bd719109f0d9786ac08dc905252a817853aee6c37dd76182cc58a5588624dfe215b1950446221fda4b6c19834f
SSDEEP

12288:YaazV2H1ECVThO3UVz6Mj4ZfEDKiJF3Z4mxxfDqVTVOCqC:+JGyMpj4ZfGJQmXeVTzqC

Score

7^/10

aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

aspackv2

resource	yara_rule
behavioral1/files/0x000b000000012241-25.dat	aspack_v212_v242

Loads dropped DLL 1 IoCs

pid	Process
2020	b96ff0589a76eebeadc86d0729b3401c.exe

Drops file in Program Files directory 1 IoCs

description	ioc	Process
File created	C:\Program Files\Common Files\Microsoft Shared\MSINFO\atmQQ2.dll	b96ff0589a76eebeadc86d0729b3401c.exe

Suspicious use of SetWindowsHookEx 1 IoCs

pid	Process
2020	b96ff0589a76eebeadc86d0729b3401c.exe

C:\Users\Admin\AppData\Local\Temp\b96ff0589a76eebeadc86d0729b3401c.exe
"C:\Users\Admin\AppData\Local\Temp\b96ff0589a76eebeadc86d0729b3401c.exe"
1⤵
- Loads dropped DLL
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
PID:2020

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

\Program Files\Common Files\Microsoft Shared\MSInfo\atmQQ2.dll

Filesize
344KB

MD5
7724819f75e430ed8c0c884efa36f2ae

SHA1
96c7fcbead9106626da0de8a78d6ac49b6699738

SHA256
cc5bf7a311edbce872110f255ab6d9d914e1221888382d981fa6c92f90c96d97

SHA512
2ec999a318e772726292119177da24cc6e82bdeb140b93a0d763b2d32ac40a1d9f4c4ff750719d5cc463424e27d88762bd1ff145280dc70597add0d8f4446e9d

Download Submit
memory/2020-1-0x0000000000380000-0x00000000003D4000-memory.dmp

Filesize
336KB

Download
memory/2020-0-0x0000000000400000-0x00000000004B3000-memory.dmp

Filesize
716KB

Download
memory/2020-17-0x00000000005E0000-0x00000000005E1000-memory.dmp

Filesize
4KB

Download
memory/2020-16-0x00000000005F0000-0x00000000005F1000-memory.dmp

Filesize
4KB

Download
memory/2020-14-0x0000000001E80000-0x0000000001E81000-memory.dmp

Filesize
4KB

Download
memory/2020-13-0x0000000001E30000-0x0000000001E31000-memory.dmp

Filesize
4KB

Download
memory/2020-19-0x0000000001E60000-0x0000000001E61000-memory.dmp

Filesize
4KB

Download
memory/2020-21-0x0000000000600000-0x0000000000601000-memory.dmp

Filesize
4KB

Download
memory/2020-20-0x0000000001E90000-0x0000000001E91000-memory.dmp

Filesize
4KB

Download
memory/2020-18-0x0000000001E70000-0x0000000001E71000-memory.dmp

Filesize
4KB

Download
memory/2020-12-0x0000000001E50000-0x0000000001E51000-memory.dmp

Filesize
4KB

Download
memory/2020-22-0x00000000022F0000-0x00000000022F1000-memory.dmp

Filesize
4KB

Download
memory/2020-11-0x00000000031D0000-0x00000000031D1000-memory.dmp

Filesize
4KB

Download
memory/2020-10-0x00000000005C0000-0x00000000005C1000-memory.dmp

Filesize
4KB

Download
memory/2020-9-0x00000000031E0000-0x00000000031E1000-memory.dmp

Filesize
4KB

Download
memory/2020-8-0x00000000002F0000-0x00000000002F1000-memory.dmp

Filesize
4KB

Download
memory/2020-7-0x00000000003E0000-0x00000000003E1000-memory.dmp

Filesize
4KB

Download
memory/2020-6-0x0000000000250000-0x0000000000251000-memory.dmp

Filesize
4KB

Download
memory/2020-5-0x0000000000260000-0x0000000000261000-memory.dmp

Filesize
4KB

Download
memory/2020-23-0x00000000022D0000-0x00000000022D1000-memory.dmp

Filesize
4KB

Download
memory/2020-4-0x00000000003F0000-0x00000000003F1000-memory.dmp

Filesize
4KB

Download
memory/2020-3-0x00000000002C0000-0x00000000002C1000-memory.dmp

Filesize
4KB

Download
memory/2020-2-0x00000000002E0000-0x00000000002E1000-memory.dmp

Filesize
4KB

Download
memory/2020-24-0x0000000001EC0000-0x0000000001EC1000-memory.dmp

Filesize
4KB

Download
memory/2020-28-0x0000000001EB0000-0x0000000001EB1000-memory.dmp

Filesize
4KB

Download
memory/2020-29-0x0000000002310000-0x0000000002311000-memory.dmp

Filesize
4KB

Download
memory/2020-30-0x0000000002300000-0x0000000002301000-memory.dmp

Filesize
4KB

Download
memory/2020-31-0x0000000003220000-0x0000000003320000-memory.dmp

Filesize
1024KB

Download
memory/2020-32-0x0000000003220000-0x0000000003320000-memory.dmp

Filesize
1024KB

Download
memory/2020-33-0x0000000003220000-0x0000000003320000-memory.dmp

Filesize
1024KB

Download
memory/2020-34-0x0000000003220000-0x0000000003320000-memory.dmp

Filesize
1024KB

Download
memory/2020-36-0x0000000003220000-0x0000000003320000-memory.dmp

Filesize
1024KB

Download
memory/2020-35-0x0000000003220000-0x0000000003320000-memory.dmp

Filesize
1024KB

Download
memory/2020-37-0x0000000003220000-0x0000000003320000-memory.dmp

Filesize
1024KB

Download
memory/2020-38-0x0000000003220000-0x0000000003320000-memory.dmp

Filesize
1024KB

Download
memory/2020-39-0x0000000003220000-0x0000000003320000-memory.dmp

Filesize
1024KB

Download
memory/2020-40-0x0000000003220000-0x0000000003320000-memory.dmp

Filesize
1024KB

Download
memory/2020-41-0x0000000003220000-0x0000000003320000-memory.dmp

Filesize
1024KB

Download
memory/2020-42-0x0000000003220000-0x0000000003320000-memory.dmp

Filesize
1024KB

Download
memory/2020-44-0x0000000003220000-0x0000000003320000-memory.dmp

Filesize
1024KB

Download
memory/2020-43-0x0000000003220000-0x0000000003320000-memory.dmp

Filesize
1024KB

Download
memory/2020-45-0x0000000003220000-0x0000000003320000-memory.dmp

Filesize
1024KB

Download
memory/2020-49-0x0000000003220000-0x0000000003320000-memory.dmp

Filesize
1024KB

Download
memory/2020-48-0x0000000003220000-0x0000000003320000-memory.dmp

Filesize
1024KB

Download
memory/2020-50-0x0000000003220000-0x0000000003320000-memory.dmp

Filesize
1024KB

Download
memory/2020-47-0x0000000003220000-0x0000000003320000-memory.dmp

Filesize
1024KB

Download
memory/2020-54-0x0000000003220000-0x0000000003320000-memory.dmp

Filesize
1024KB

Download
memory/2020-53-0x0000000003220000-0x0000000003320000-memory.dmp

Filesize
1024KB

Download
memory/2020-52-0x0000000003220000-0x0000000003320000-memory.dmp

Filesize
1024KB

Download
memory/2020-51-0x0000000003220000-0x0000000003320000-memory.dmp

Filesize
1024KB

Download
memory/2020-58-0x0000000003220000-0x0000000003320000-memory.dmp

Filesize
1024KB

Download
memory/2020-57-0x0000000003220000-0x0000000003320000-memory.dmp

Filesize
1024KB

Download
memory/2020-56-0x0000000003220000-0x0000000003320000-memory.dmp

Filesize
1024KB

Download
memory/2020-55-0x0000000003220000-0x0000000003320000-memory.dmp

Filesize
1024KB

Download
memory/2020-46-0x0000000003220000-0x0000000003320000-memory.dmp

Filesize
1024KB

Download
memory/2020-59-0x0000000003220000-0x0000000003320000-memory.dmp

Filesize
1024KB

Download
memory/2020-60-0x0000000003220000-0x0000000003320000-memory.dmp

Filesize
1024KB

Download
memory/2020-61-0x0000000003220000-0x0000000003320000-memory.dmp

Filesize
1024KB

Download
memory/2020-62-0x0000000003220000-0x0000000003320000-memory.dmp

Filesize
1024KB

Download
memory/2020-63-0x0000000003220000-0x0000000003320000-memory.dmp

Filesize
1024KB

Download
memory/2020-67-0x0000000003220000-0x0000000003320000-memory.dmp

Filesize
1024KB

Download
memory/2020-66-0x0000000003220000-0x0000000003320000-memory.dmp

Filesize
1024KB

Download
memory/2020-64-0x0000000003220000-0x0000000003320000-memory.dmp

Filesize
1024KB

Download
memory/2020-65-0x0000000003220000-0x0000000003320000-memory.dmp

Filesize
1024KB

Download
memory/2020-158-0x0000000000400000-0x00000000004B3000-memory.dmp

Filesize
716KB

Download