7c25dac4fd97ac041aee989706ee614a2bf91f45f4ea4239898ed5d60d4cc52b

Analysis

max time kernel
140s
max time network
149s
platform
windows10-2004_x64
resource
win10v2004-20231215-en
resource tags

arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
submitted
10/03/2024, 14:57

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

bee5f2fad8536de09059278ee803b902.exe
Size

9.4MB
MD5

bee5f2fad8536de09059278ee803b902
SHA1

869dcf08ef1f5d9fe23ef56986eec4c3d5041b65
SHA256

7c25dac4fd97ac041aee989706ee614a2bf91f45f4ea4239898ed5d60d4cc52b
SHA512

fd322f6b5016f316f74d0b5d6cfa8e2f3328852cf0818fd58864b57e757240bec6047a38a09b3f1d3e483227d11612eb14e2ab7b63b3bdf5e1f1c64f6b101964
SSDEEP

49152:EQFRHrmQG+wrmQG+brmQG+CQrmQG+wrxQG+CQrmQG+wrHIQG+wrJmQG+brmQG+CI:EcKOvpxZpxgYvpx62vpxdEvpx

Score

7^/10

Malware Config

Signatures

Executes dropped EXE 1 IoCs

pid	Process
4532	usk.exe

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
4532	usk.exe

Suspicious use of SendNotifyMessage 1 IoCs

pid	Process
4532	usk.exe

Suspicious use of SetWindowsHookEx 2 IoCs

pid	Process
4532	usk.exe
4532	usk.exe

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 5044 wrote to memory of 4532	5044	bee5f2fad8536de09059278ee803b902.exe	85
PID 5044 wrote to memory of 4532	5044	bee5f2fad8536de09059278ee803b902.exe	85
PID 5044 wrote to memory of 4532	5044	bee5f2fad8536de09059278ee803b902.exe	85

C:\Users\Admin\AppData\Local\Temp\bee5f2fad8536de09059278ee803b902.exe
"C:\Users\Admin\AppData\Local\Temp\bee5f2fad8536de09059278ee803b902.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:5044
- C:\Users\Admin\AppData\Local\Temp\usk.exe
  C:\Users\Admin\AppData\Local\Temp\usk.exe -run C:\Users\Admin\AppData\Local\Temp\bee5f2fad8536de09059278ee803b902.exe
  2⤵
  - Executes dropped EXE
  - Suspicious use of FindShellTrayWindow
  - Suspicious use of SendNotifyMessage
  - Suspicious use of SetWindowsHookEx
  PID:4532

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Temp\usk.exe

Filesize
1.3MB

MD5
18d0181c83717d157ccf0e7b25364eb1

SHA1
bd68e4141beb5866a11a9efcb7e5409ea7e6a8a5

SHA256
c1e2d9324fbbfcb40e1c2f9be6427bb5eb49ab0f77934bf720a28241d90f1fa4

SHA512
112e6e8ee6dca591f940838d5782dbc8a410757d704f56a1b538c42b07ec97e434f027184e91377f983af76ced03157026d671bce79296a960f3b0d096dae47b

Download Submit
C:\Users\Admin\AppData\Local\Temp\usk.exe

Filesize
1.9MB

MD5
d7771d390e0b9dd8f4b6b3ef9da6868b

SHA1
8d78ddc0423ca10ab92e3ac183ad0b53057ff567

SHA256
50bdf5b4dea342d6060a67ad6e476ee9b91f0b321392ee00149aab320fa8934c

SHA512
cde073348f370495b0077d93a34796107c6c756e44585a723c8bc785be951fa19bdb66b7b73d3e53e1dab588f9319f241cc83d9d4877c6121073150ec88d62ae

Download Submit
memory/4532-56-0x0000000004F80000-0x0000000004F9B000-memory.dmp

Filesize
108KB

Download
memory/4532-43-0x0000000002AD0000-0x0000000002AD1000-memory.dmp

Filesize
4KB

Download
memory/4532-66-0x0000000004F80000-0x0000000004F9B000-memory.dmp

Filesize
108KB

Download
memory/4532-65-0x0000000004F80000-0x0000000004F9B000-memory.dmp

Filesize
108KB

Download
memory/4532-63-0x0000000004F80000-0x0000000004F9B000-memory.dmp

Filesize
108KB

Download
memory/4532-64-0x0000000004F80000-0x0000000004F9B000-memory.dmp

Filesize
108KB

Download
memory/4532-62-0x0000000004F80000-0x0000000004F9B000-memory.dmp

Filesize
108KB

Download
memory/4532-61-0x0000000004F80000-0x0000000004F9B000-memory.dmp

Filesize
108KB

Download
memory/4532-60-0x0000000004F80000-0x0000000004F9B000-memory.dmp

Filesize
108KB

Download
memory/4532-59-0x0000000004F80000-0x0000000004F9B000-memory.dmp

Filesize
108KB

Download
memory/4532-58-0x0000000004F80000-0x0000000004F9B000-memory.dmp

Filesize
108KB

Download
memory/4532-54-0x0000000004F80000-0x0000000004F9B000-memory.dmp

Filesize
108KB

Download
memory/4532-67-0x0000000004F80000-0x0000000004F9B000-memory.dmp

Filesize
108KB

Download
memory/4532-68-0x0000000004F80000-0x0000000004F9B000-memory.dmp

Filesize
108KB

Download
memory/4532-57-0x0000000004F80000-0x0000000004F9B000-memory.dmp

Filesize
108KB

Download
memory/4532-53-0x0000000004F80000-0x0000000004F9B000-memory.dmp

Filesize
108KB

Download
memory/4532-52-0x0000000004F80000-0x0000000004F9B000-memory.dmp

Filesize
108KB

Download
memory/4532-51-0x0000000004F80000-0x0000000004F81000-memory.dmp

Filesize
4KB

Download
memory/4532-50-0x0000000004F80000-0x0000000004F81000-memory.dmp

Filesize
4KB

Download
memory/4532-49-0x0000000004F80000-0x0000000004F81000-memory.dmp

Filesize
4KB

Download
memory/4532-46-0x0000000003D00000-0x0000000003D01000-memory.dmp

Filesize
4KB

Download
memory/4532-47-0x0000000004F80000-0x0000000004F81000-memory.dmp

Filesize
4KB

Download
memory/4532-48-0x0000000004F80000-0x0000000004F81000-memory.dmp

Filesize
4KB

Download
memory/4532-45-0x0000000000400000-0x0000000000536000-memory.dmp

Filesize
1.2MB

Download
memory/4532-55-0x0000000004F80000-0x0000000004F9B000-memory.dmp

Filesize
108KB

Download
memory/4532-44-0x0000000002CB0000-0x0000000002CB1000-memory.dmp

Filesize
4KB

Download
memory/4532-116-0x0000000000400000-0x0000000000536000-memory.dmp

Filesize
1.2MB

Download
memory/5044-18-0x0000000002530000-0x0000000002531000-memory.dmp

Filesize
4KB

Download
memory/5044-21-0x0000000002620000-0x0000000002621000-memory.dmp

Filesize
4KB

Download
memory/5044-32-0x0000000002E60000-0x0000000002F60000-memory.dmp

Filesize
1024KB

Download
memory/5044-34-0x0000000002E60000-0x0000000002F60000-memory.dmp

Filesize
1024KB

Download
memory/5044-40-0x0000000002E60000-0x0000000002F60000-memory.dmp

Filesize
1024KB

Download
memory/5044-39-0x0000000000400000-0x0000000000536000-memory.dmp

Filesize
1.2MB

Download
memory/5044-30-0x0000000002E60000-0x0000000002F60000-memory.dmp

Filesize
1024KB

Download
memory/5044-42-0x0000000002E60000-0x0000000002F60000-memory.dmp

Filesize
1024KB

Download
memory/5044-41-0x0000000002300000-0x0000000002350000-memory.dmp

Filesize
320KB

Download
memory/5044-29-0x0000000002E60000-0x0000000002F60000-memory.dmp

Filesize
1024KB

Download
memory/5044-38-0x0000000002E60000-0x0000000002F60000-memory.dmp

Filesize
1024KB

Download
memory/5044-35-0x0000000002E60000-0x0000000002F60000-memory.dmp

Filesize
1024KB

Download
memory/5044-28-0x0000000002D90000-0x0000000002D96000-memory.dmp

Filesize
24KB

Download
memory/5044-27-0x0000000002610000-0x0000000002611000-memory.dmp

Filesize
4KB

Download
memory/5044-26-0x00000000025F0000-0x00000000025F1000-memory.dmp

Filesize
4KB

Download
memory/5044-25-0x00000000025C0000-0x00000000025C1000-memory.dmp

Filesize
4KB

Download
memory/5044-24-0x0000000002600000-0x0000000002601000-memory.dmp

Filesize
4KB

Download
memory/5044-23-0x00000000025D0000-0x00000000025D1000-memory.dmp

Filesize
4KB

Download
memory/5044-22-0x00000000025E0000-0x00000000025E1000-memory.dmp

Filesize
4KB

Download
memory/5044-31-0x0000000002E60000-0x0000000002F60000-memory.dmp

Filesize
1024KB

Download
memory/5044-20-0x0000000002580000-0x0000000002581000-memory.dmp

Filesize
4KB

Download
memory/5044-19-0x0000000002570000-0x0000000002571000-memory.dmp

Filesize
4KB

Download
memory/5044-0-0x0000000000400000-0x0000000000536000-memory.dmp

Filesize
1.2MB

Download
memory/5044-17-0x0000000002500000-0x0000000002501000-memory.dmp

Filesize
4KB

Download
memory/5044-16-0x0000000002540000-0x0000000002541000-memory.dmp

Filesize
4KB

Download
memory/5044-15-0x0000000002510000-0x0000000002511000-memory.dmp

Filesize
4KB

Download
memory/5044-12-0x0000000002560000-0x0000000002561000-memory.dmp

Filesize
4KB

Download
memory/5044-13-0x0000000002520000-0x0000000002521000-memory.dmp

Filesize
4KB

Download
memory/5044-11-0x0000000002DA0000-0x0000000002DA2000-memory.dmp

Filesize
8KB

Download
memory/5044-10-0x00000000024A0000-0x00000000024A1000-memory.dmp

Filesize
4KB

Download
memory/5044-9-0x0000000002DB0000-0x0000000002DB1000-memory.dmp

Filesize
4KB

Download
memory/5044-8-0x00000000024C0000-0x00000000024C1000-memory.dmp

Filesize
4KB

Download
memory/5044-7-0x0000000002480000-0x0000000002481000-memory.dmp

Filesize
4KB

Download
memory/5044-6-0x0000000002450000-0x0000000002451000-memory.dmp

Filesize
4KB

Download
memory/5044-5-0x0000000002490000-0x0000000002491000-memory.dmp

Filesize
4KB

Download
memory/5044-4-0x0000000002460000-0x0000000002461000-memory.dmp

Filesize
4KB

Download
memory/5044-3-0x0000000002470000-0x0000000002471000-memory.dmp

Filesize
4KB

Download
memory/5044-2-0x00000000024B0000-0x00000000024B1000-memory.dmp

Filesize
4KB

Download
memory/5044-1-0x0000000002300000-0x0000000002350000-memory.dmp

Filesize
320KB

Download