Analysis

  • max time kernel
    142s
  • max time network
    159s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240226-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20240226-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    12/03/2024, 02:50

General

  • Target

    c24445e2c81fb718f713bdc9ab2a2aee.exe

  • Size

    2KB

  • MD5

    c24445e2c81fb718f713bdc9ab2a2aee

  • SHA1

    67dbcb785fde799fb95b75c49465c6fc9d2d047f

  • SHA256

    cb01f0a9ae1a75525c9da78acbc1bc22851d864a7fa176c27fd1a3218dfcee64

  • SHA512

    947e95771909aa92a84137afaa33c6f7ee9f67208b87329aaf12e38a22666c650cab8722a2ea0da7abedf24d9f9211b8a17763157bc4cb7d0205d9c41cc0102c

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings (1 TTP, 30 IoCs)
  • Suspicious use of FindShellTrayWindow (1 IoC)
  • Suspicious use of SetWindowsHookEx (6 IoCs)
  • Suspicious use of WriteProcessMemory (6 IoCs)

Processes

  • C:\Users\Admin\AppData\Local\Temp\c24445e2c81fb718f713bdc9ab2a2aee.exe
    "C:\Users\Admin\AppData\Local\Temp\c24445e2c81fb718f713bdc9ab2a2aee.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:4584
    • C:\program files\Internet Explorer\IEXPLORE.EXE
      "C:\program files\Internet Explorer\IEXPLORE.EXE"
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:4348
      • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
        "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:4348 CREDAT:17410 /prefetch:2
        3⤵
        • Modifies Internet Explorer settings
        • Suspicious use of SetWindowsHookEx
        PID:5040
  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=4156 --field-trial-handle=2180,i,12780723798465539942,12010519452607841069,262144 --variations-seed-version /prefetch:8
    1⤵
      PID:3512
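The process tree above, parsed and scored, as an added example written for this page (not the sandbox's own tooling): a Python helper that turns the path / command line / depth-marker / signature / PID layout into parent-child records and flags a Temp-directory executable that was tagged for WriteProcessMemory and spawned a browser, while ignoring IE's own frame-to-tab spawn, which the listing shows as the child carrying SCODEF:4348 under PID 4348. The record layout, the browser list and the Temp-directory check are assumptions chosen for illustration; the embedded sample is constructed from the tree above with Edge's arguments trimmed.

```python
"""Parse a sandbox process tree (path / quoted command line / depth marker /
signature bullets / PID line) and flag parent-child pairs that look like a
dropper writing into a browser it just spawned.

Added example for this page, not the sandbox's own code. The browser list,
the Temp-directory check and the record layout are assumptions.
"""
import re
from dataclasses import dataclass, field
from typing import Dict, List, Optional, Tuple

DEPTH_RE = re.compile(r"^(\d+)⤵$")                     # "1⤵" style depth marker
PID_RE = re.compile(r"^PID:(\d+)$")
TEMP_RE = re.compile(r"\\AppData\\Local\\Temp\\", re.IGNORECASE)  # assumption
SCODEF_RE = re.compile(r"\bSCODEF:(\d+)\b")
BROWSERS = {"iexplore.exe", "msedge.exe", "chrome.exe", "firefox.exe"}  # assumption
INJECTION_SIG = "Suspicious use of WriteProcessMemory"

# Constructed sample input, reproducing the tree above (Edge arguments trimmed).
SAMPLE_TREE = r"""
C:\Users\Admin\AppData\Local\Temp\c24445e2c81fb718f713bdc9ab2a2aee.exe
"C:\Users\Admin\AppData\Local\Temp\c24445e2c81fb718f713bdc9ab2a2aee.exe"
1⤵
• Suspicious use of WriteProcessMemory
PID:4584
C:\program files\Internet Explorer\IEXPLORE.EXE
"C:\program files\Internet Explorer\IEXPLORE.EXE"
2⤵
• Modifies Internet Explorer settings
• Suspicious use of FindShellTrayWindow
• Suspicious use of SetWindowsHookEx
• Suspicious use of WriteProcessMemory
PID:4348
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:4348 CREDAT:17410 /prefetch:2
3⤵
• Modifies Internet Explorer settings
• Suspicious use of SetWindowsHookEx
PID:5040
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --lang=en-US /prefetch:8
1⤵
PID:3512
"""


@dataclass
class Proc:
    image: str
    cmdline: str
    depth: int
    pid: int
    signatures: List[str] = field(default_factory=list)
    parent_pid: Optional[int] = None

    @property
    def basename(self) -> str:
        return self.image.rsplit("\\", 1)[-1].lower()


def parse_tree(text: str) -> List[Proc]:
    """Turn the listing into Proc records, linking each to its parent by depth."""
    procs: List[Proc] = []
    last_at_depth: Dict[int, Proc] = {}   # most recent process seen at each depth
    cur: dict = {"sigs": []}
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if (m := DEPTH_RE.match(line)):
            cur["depth"] = int(m.group(1))
        elif (m := PID_RE.match(line)):          # PID line closes the record
            depth = cur["depth"]
            parent = last_at_depth.get(depth - 1)
            proc = Proc(cur["image"], cur.get("cmdline", ""), depth, int(m.group(1)),
                        cur["sigs"], parent.pid if parent else None)
            procs.append(proc)
            # a new node at this depth invalidates anything deeper
            last_at_depth = {d: p for d, p in last_at_depth.items() if d < depth}
            last_at_depth[depth] = proc
            cur = {"sigs": []}
        elif line.startswith("•"):
            cur["sigs"].append(line.lstrip("•").strip())
        elif line.startswith('"'):
            cur["cmdline"] = line
        else:
            cur["image"] = line
    return procs


def is_ie_tab_child(child: Proc, parent: Proc) -> bool:
    """IE's frame process launches tab processes with its own PID as SCODEF."""
    m = SCODEF_RE.search(child.cmdline)
    return (child.basename == "iexplore.exe" and parent.basename == "iexplore.exe"
            and m is not None and int(m.group(1)) == parent.pid)


def find_injection_candidates(procs: List[Proc]) -> List[Tuple[int, int]]:
    """(parent_pid, child_pid) pairs where a Temp-dir executable tagged for
    WriteProcessMemory spawned a browser. IE frame->tab spawns are skipped even
    though the frame process itself also carries the WriteProcessMemory tag."""
    by_pid = {p.pid: p for p in procs}
    hits: List[Tuple[int, int]] = []
    for child in procs:
        parent = by_pid.get(child.parent_pid)
        if parent is None or child.basename not in BROWSERS:
            continue
        if is_ie_tab_child(child, parent):
            continue
        if TEMP_RE.search(parent.image) and INJECTION_SIG in parent.signatures:
            hits.append((parent.pid, child.pid))
    return hits


if __name__ == "__main__":
    tree = parse_tree(SAMPLE_TREE)
    for p in tree:
        print(f"{'  ' * (p.depth - 1)}{p.pid} {p.basename} parent={p.parent_pid} sigs={p.signatures}")
    print("injection candidates:", find_injection_candidates(tree))
```

The skip for IE's frame-to-tab spawn matters because the frame process (PID 4348 above) carries the same WriteProcessMemory tag as the dropper; without the SCODEF check the rule would fire twice and the second hit would be browser-internal behaviour rather than the dropper's.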

Network

MITRE ATT&CK Enterprise v15

Downloads

    • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\8ZO46T3J\suggestions[1].en-US

      Filesize

      17KB

      MD5

      5a34cb996293fde2cb7a4ac89587393a

      SHA1

      3c96c993500690d1a77873cd62bc639b3a10653f

      SHA256

      c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

      SHA512

      e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee

    • memory/4584-0-0x0000000013150000-0x0000000013150800-memory.dmp

      Filesize

      2KB