Overview

overview

7

Static

static

3

c69e49df79...14.exe

windows7-x64

7

c69e49df79...14.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    14s
  • max time network
    35s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240226-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
  • submitted
    13-03-2024 18:51

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    c69e49df79c2094385e68ccd4aadb114.exe

  • Size

    3.5MB

  • MD5

    c69e49df79c2094385e68ccd4aadb114

  • SHA1

    d3f3e70efa98a0b32bcf2f92a89938bf79b9c7cd

  • SHA256

    abb811be0eda380d4023da9caafa4ed4c18cc094033747472a2cc662e170faf6

  • SHA512

    89740188945c537d7f692e7d1acdb28c9d0e4c70db4a746c6bed6a4304538fd186564ea4c6c6f0b6bc626d665fb12d3985df6211fd7a85901da6bbcc26db4e27

  • SSDEEP

    24576:+7QFRUm/rCYAj8pXU+Cz/rVCY4C0hrVCY4C0G4C0SY4C0G4CT0l:EQFRHrmQG+yrV2FhrV2FTFGFTvl

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Suspicious use of SetWindowsHookEx 2 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\c69e49df79c2094385e68ccd4aadb114.exe
    "C:\Users\Admin\AppData\Local\Temp\c69e49df79c2094385e68ccd4aadb114.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:116
    • C:\Users\Admin\AppData\Local\Temp\y.exe
      C:\Users\Admin\AppData\Local\Temp\y.exe -run C:\Users\Admin\AppData\Local\Temp\c69e49df79c2094385e68ccd4aadb114.exe
      2⤵
      • Executes dropped EXE
      • Suspicious use of SetWindowsHookEx
      PID:2348

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\y.exe
    Filesize

    1.3MB

    MD5

    3bb4d0bf9a67e385c70ef6b7f94f9ae8

    SHA1

    8e4119d6a16b6918be7b271fbbe2f08b604e859c

    SHA256

    1af3410d0ab8f711754b9c203717f3bdfe5640799f84870de90de7716119e427

    SHA512

    5fe8eb1abb3c64ebeab8f1733249a63b94347465a0503d817cc8a1a1f68f1d87c1bc82c8e6341e511816ccf6075135c8c64109a40ee75491c5cbe666f4214346

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\y.exe
    Filesize

    1.4MB

    MD5

    dbb403d16dfdb7e9393127e32838e5b2

    SHA1

    9c1e93f6b4bffb5535920700c3ddd85ecee18435

    SHA256

    9a16bc37f042bb59951e9b0b860fa67c6875d0a548bd751ca2f518d7b0ac8dd1

    SHA512

    ee2ce17e2d0027254e856d043721e9d5e4ee86281f33e069014c6e50e0c8e7468828fe2882f66942ca3a8ccbafec645c11aa158178829e9cc6af962fbd2fb31c

    Download Submit

  • memory/116-0-0x0000000000400000-0x0000000000536000-memory.dmp

    Filesize

    1.2MB

    Download

  • memory/116-1-0x0000000002350000-0x00000000023A0000-memory.dmp

    Filesize

    320KB

    Download

  • memory/116-2-0x00000000024B0000-0x00000000024B1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/116-4-0x0000000000820000-0x0000000000821000-memory.dmp

    Filesize

    4KB

    Download

  • memory/116-3-0x00000000022D0000-0x00000000022D1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/116-5-0x0000000002340000-0x0000000002341000-memory.dmp

    Filesize

    4KB

    Download

  • memory/116-6-0x0000000000810000-0x0000000000811000-memory.dmp

    Filesize

    4KB

    Download

  • memory/116-7-0x00000000022E0000-0x00000000022E1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/116-8-0x00000000024C0000-0x00000000024C1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/116-9-0x0000000002DB0000-0x0000000002DB1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/116-10-0x00000000024A0000-0x00000000024A1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/116-11-0x0000000002DA0000-0x0000000002DA2000-memory.dmp

    Filesize

    8KB

    Download

  • memory/116-12-0x0000000002560000-0x0000000002561000-memory.dmp

    Filesize

    4KB

    Download

  • memory/116-13-0x0000000002520000-0x0000000002521000-memory.dmp

    Filesize

    4KB

    Download

  • memory/116-14-0x0000000002510000-0x0000000002511000-memory.dmp

    Filesize

    4KB

    Download

  • memory/116-16-0x0000000002500000-0x0000000002501000-memory.dmp

    Filesize

    4KB

    Download

  • memory/116-15-0x0000000002540000-0x0000000002541000-memory.dmp

    Filesize

    4KB

    Download

  • memory/116-17-0x0000000002530000-0x0000000002531000-memory.dmp

    Filesize

    4KB

    Download

  • memory/116-19-0x0000000002580000-0x0000000002581000-memory.dmp

    Filesize

    4KB

    Download

  • memory/116-18-0x0000000002570000-0x0000000002571000-memory.dmp

    Filesize

    4KB

    Download

  • memory/116-20-0x0000000002620000-0x0000000002621000-memory.dmp

    Filesize

    4KB

    Download

  • memory/116-22-0x00000000025C0000-0x00000000025C1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/116-21-0x00000000025D0000-0x00000000025D1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/116-23-0x00000000025F0000-0x00000000025F1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/116-24-0x00000000025B0000-0x00000000025B1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/116-25-0x00000000025E0000-0x00000000025E1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/116-26-0x0000000002600000-0x0000000002601000-memory.dmp

    Filesize

    4KB

    Download

  • memory/116-27-0x0000000002D90000-0x0000000002D96000-memory.dmp

    Filesize

    24KB

    Download

  • memory/116-28-0x0000000002E60000-0x0000000002F60000-memory.dmp

    Filesize

    1024KB

    Download

  • memory/116-29-0x0000000002E60000-0x0000000002F60000-memory.dmp

    Filesize

    1024KB

    Download

  • memory/116-30-0x0000000002E60000-0x0000000002F60000-memory.dmp

    Filesize

    1024KB

    Download

  • memory/116-32-0x0000000002E60000-0x0000000002F60000-memory.dmp

    Filesize

    1024KB

    Download

  • memory/116-31-0x0000000002E60000-0x0000000002F60000-memory.dmp

    Filesize

    1024KB

    Download

  • memory/116-33-0x0000000002E60000-0x0000000002F60000-memory.dmp

    Filesize

    1024KB

    Download

  • memory/116-34-0x0000000002E60000-0x0000000002F60000-memory.dmp

    Filesize

    1024KB

    Download

  • memory/116-36-0x0000000002E60000-0x0000000002F60000-memory.dmp

    Filesize

    1024KB

    Download

  • memory/116-37-0x0000000002E60000-0x0000000002F60000-memory.dmp

    Filesize

    1024KB

    Download

  • memory/116-38-0x0000000002E60000-0x0000000002F60000-memory.dmp

    Filesize

    1024KB

    Download

  • memory/116-39-0x0000000002E60000-0x0000000002F60000-memory.dmp

    Filesize

    1024KB

    Download

  • memory/116-40-0x0000000002E60000-0x0000000002F60000-memory.dmp

    Filesize

    1024KB

    Download

  • memory/116-41-0x0000000002E60000-0x0000000002F60000-memory.dmp

    Filesize

    1024KB

    Download

  • memory/116-42-0x0000000002E60000-0x0000000002F60000-memory.dmp

    Filesize

    1024KB

    Download

  • memory/116-43-0x0000000002E60000-0x0000000002F60000-memory.dmp

    Filesize

    1024KB

    Download

  • memory/116-44-0x0000000002E60000-0x0000000002F60000-memory.dmp

    Filesize

    1024KB

    Download

  • memory/116-45-0x0000000002E60000-0x0000000002F60000-memory.dmp

    Filesize

    1024KB

    Download

  • memory/116-46-0x0000000002E60000-0x0000000002F60000-memory.dmp

    Filesize

    1024KB

    Download

  • memory/116-47-0x0000000002E60000-0x0000000002F60000-memory.dmp

    Filesize

    1024KB

    Download

  • memory/116-49-0x0000000002E60000-0x0000000002F60000-memory.dmp

    Filesize

    1024KB

    Download

  • memory/116-48-0x0000000002E60000-0x0000000002F60000-memory.dmp

    Filesize

    1024KB

    Download

  • memory/116-51-0x0000000002E60000-0x0000000002F60000-memory.dmp

    Filesize

    1024KB

    Download

  • memory/116-52-0x0000000002E60000-0x0000000002F60000-memory.dmp

    Filesize

    1024KB

    Download

  • memory/116-53-0x0000000002E60000-0x0000000002F60000-memory.dmp

    Filesize

    1024KB

    Download

  • memory/116-55-0x0000000002E60000-0x0000000002F60000-memory.dmp

    Filesize

    1024KB

    Download

  • memory/116-56-0x0000000002E60000-0x0000000002F60000-memory.dmp

    Filesize

    1024KB

    Download

  • memory/116-57-0x0000000002E60000-0x0000000002F60000-memory.dmp

    Filesize

    1024KB

    Download

  • memory/116-61-0x0000000002E40000-0x0000000002E41000-memory.dmp

    Filesize

    4KB

    Download

  • memory/116-62-0x0000000002E50000-0x0000000002E51000-memory.dmp

    Filesize

    4KB

    Download

  • memory/116-63-0x00000000006D0000-0x00000000006D1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/116-65-0x0000000002DE0000-0x0000000002DE1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/116-66-0x0000000002DD0000-0x0000000002DD1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/116-67-0x0000000002DC0000-0x0000000002DC1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/116-64-0x00000000007F0000-0x00000000007F1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/116-71-0x0000000000400000-0x0000000000536000-memory.dmp

    Filesize

    1.2MB

    Download

  • memory/116-58-0x00000000024F0000-0x00000000024F1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/116-50-0x0000000002E60000-0x0000000002F60000-memory.dmp

    Filesize

    1024KB

    Download