Overview

overview

1

Static

static

1

bf428cf50d...fb.exe

windows7-x64

1

bf428cf50d...fb.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    122s
  • max time network
    156s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    09-03-2024 21:30

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    bf428cf50de1fc14d6c99a841077f0bd9e54b106f74d1eda277d7489a37428fb.exe

  • Size

    4.0MB

  • MD5

    9fc4e37d7ea33124ffcd5d98c4b35e76

  • SHA1

    414d74c4fbe0deb128f489b32e67d2d2309be08e

  • SHA256

    bf428cf50de1fc14d6c99a841077f0bd9e54b106f74d1eda277d7489a37428fb

  • SHA512

    ca9b42b4d9436fa7a8634b050b40be597c23a12ae4512cabdaecf098cb2a1fcb3e2ee8de5785151bc859a2dc3d56518f684e723bf82ca66d207682165b1f80ad

  • SSDEEP

    49152:KHKI5f6pxCu2qHhPmMMFrv+uFcJcaRg9xRVfuiGl1UKCF8qBf6DsOZPWTUWvZFvn:Of6f1B/MNWIWcN/nQ1UKM926FvD7

Score
1/10

Malware Config

Signatures

  • Suspicious use of FindShellTrayWindow 3 IoCs
  • Suspicious use of SendNotifyMessage 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\bf428cf50de1fc14d6c99a841077f0bd9e54b106f74d1eda277d7489a37428fb.exe
    "C:\Users\Admin\AppData\Local\Temp\bf428cf50de1fc14d6c99a841077f0bd9e54b106f74d1eda277d7489a37428fb.exe"
    1⤵
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    PID:2664

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads