68af833277016e0badafa620d8e44fe924a0d286fc9c44771f41023f9d1defd7

Analysis

max time kernel
145s
max time network
153s
platform
windows10-2004_x64
resource
win10v2004-20240226-en
resource tags

arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
submitted
20-03-2024 00:59

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

d784ccf577e5a46ce311a3c23f15761f.exe
Size

11.4MB
MD5

d784ccf577e5a46ce311a3c23f15761f
SHA1

6093a2d76d32d6515499f1e85f085360beddca31
SHA256

68af833277016e0badafa620d8e44fe924a0d286fc9c44771f41023f9d1defd7
SHA512

a5c21cd3289ba7c216c8b77288cd6b29755f1d7dc755d6216a63727e92f03d65fe578f05307981c9c6914768951d02461cb7f330b76c7a7e9a6cb2b44c7c9d80
SSDEEP

49152:EQFRHrmQG+yrY+Fr/rcrvrDRHrmQG+yrY+Fr/rcrMrMrgrcrvrDRHrmQG+yrY+FM:EcKUKEKsyEp

Score

7^/10

Malware Config

Signatures

Executes dropped EXE 1 IoCs

pid	Process
4608	i.exe

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
4608	i.exe

Suspicious use of SendNotifyMessage 1 IoCs

pid	Process
4608	i.exe

Suspicious use of SetWindowsHookEx 2 IoCs

pid	Process
4608	i.exe
4608	i.exe

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 4340 wrote to memory of 4608	4340	d784ccf577e5a46ce311a3c23f15761f.exe	89
PID 4340 wrote to memory of 4608	4340	d784ccf577e5a46ce311a3c23f15761f.exe	89
PID 4340 wrote to memory of 4608	4340	d784ccf577e5a46ce311a3c23f15761f.exe	89

C:\Users\Admin\AppData\Local\Temp\d784ccf577e5a46ce311a3c23f15761f.exe
"C:\Users\Admin\AppData\Local\Temp\d784ccf577e5a46ce311a3c23f15761f.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:4340
- C:\Users\Admin\AppData\Local\Temp\i.exe
  C:\Users\Admin\AppData\Local\Temp\i.exe -run C:\Users\Admin\AppData\Local\Temp\d784ccf577e5a46ce311a3c23f15761f.exe
  2⤵
  - Executes dropped EXE
  - Suspicious use of FindShellTrayWindow
  - Suspicious use of SendNotifyMessage
  - Suspicious use of SetWindowsHookEx
  PID:4608

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Temp\i.exe

Filesize
1.4MB

MD5
7c28fa72930b5e7282b01009c2856a02

SHA1
1bc0701aa3e737559d2bfdff2938a55a55cc1add

SHA256
37d77883279ea1c0bbb51092fde3575e85336804ed846207a075264f4d8f0f65

SHA512
8be5a2ffb60d42d16d7c4722d0b7d5866c788aa159d13115c1048249790adeea0450d78531bd76f2a208dc4ab604c8c3b15a25ac5b70579da799af4245e5efc7

Download Submit
C:\Users\Admin\AppData\Local\Temp\i.exe

Filesize
1.7MB

MD5
d273cf144a0d9e8f72d1558e08175264

SHA1
572785013e1066db080c7a10d5b348ae1fc877eb

SHA256
ba7fbebef1fe330c06cbac6f1d1d70c72a36f0a8b9537063f712dadcf2d7cb31

SHA512
a527f5498945545de6c26394c8348b4ce5200c7d8777ecbe9fc4a4b9d44aadd649a87197b2e0dcdeaee1bfe93c1dcdf036a198fab7da4c4c7975ba5a99139672

Download Submit
memory/4340-34-0x0000000002E50000-0x0000000002F50000-memory.dmp

Filesize
1024KB

Download
memory/4340-15-0x0000000002530000-0x0000000002531000-memory.dmp

Filesize
4KB

Download
memory/4340-4-0x0000000002330000-0x0000000002331000-memory.dmp

Filesize
4KB

Download
memory/4340-5-0x0000000002360000-0x0000000002361000-memory.dmp

Filesize
4KB

Download
memory/4340-10-0x0000000002370000-0x0000000002371000-memory.dmp

Filesize
4KB

Download
memory/4340-9-0x0000000002DA0000-0x0000000002DA1000-memory.dmp

Filesize
4KB

Download
memory/4340-8-0x0000000002390000-0x0000000002391000-memory.dmp

Filesize
4KB

Download
memory/4340-7-0x0000000002350000-0x0000000002351000-memory.dmp

Filesize
4KB

Download
memory/4340-6-0x0000000002320000-0x0000000002321000-memory.dmp

Filesize
4KB

Download
memory/4340-11-0x0000000002D90000-0x0000000002D92000-memory.dmp

Filesize
8KB

Download
memory/4340-12-0x0000000002550000-0x0000000002551000-memory.dmp

Filesize
4KB

Download
memory/4340-13-0x0000000002500000-0x0000000002501000-memory.dmp

Filesize
4KB

Download
memory/4340-14-0x00000000024F0000-0x00000000024F1000-memory.dmp

Filesize
4KB

Download
memory/4340-2-0x0000000002380000-0x0000000002381000-memory.dmp

Filesize
4KB

Download
memory/4340-16-0x00000000024E0000-0x00000000024E1000-memory.dmp

Filesize
4KB

Download
memory/4340-17-0x0000000002520000-0x0000000002521000-memory.dmp

Filesize
4KB

Download
memory/4340-18-0x0000000002560000-0x0000000002561000-memory.dmp

Filesize
4KB

Download
memory/4340-19-0x0000000002570000-0x0000000002571000-memory.dmp

Filesize
4KB

Download
memory/4340-20-0x0000000002600000-0x0000000002601000-memory.dmp

Filesize
4KB

Download
memory/4340-27-0x00000000025F0000-0x00000000025F1000-memory.dmp

Filesize
4KB

Download
memory/4340-26-0x00000000025D0000-0x00000000025D1000-memory.dmp

Filesize
4KB

Download
memory/4340-28-0x0000000002D80000-0x0000000002D86000-memory.dmp

Filesize
24KB

Download
memory/4340-25-0x00000000025A0000-0x00000000025A1000-memory.dmp

Filesize
4KB

Download
memory/4340-24-0x00000000025E0000-0x00000000025E1000-memory.dmp

Filesize
4KB

Download
memory/4340-23-0x00000000025B0000-0x00000000025B1000-memory.dmp

Filesize
4KB

Download
memory/4340-22-0x00000000025C0000-0x00000000025C1000-memory.dmp

Filesize
4KB

Download
memory/4340-29-0x0000000002E50000-0x0000000002F50000-memory.dmp

Filesize
1024KB

Download
memory/4340-30-0x0000000002E50000-0x0000000002F50000-memory.dmp

Filesize
1024KB

Download
memory/4340-31-0x0000000002E50000-0x0000000002F50000-memory.dmp

Filesize
1024KB

Download
memory/4340-32-0x0000000002E50000-0x0000000002F50000-memory.dmp

Filesize
1024KB

Download
memory/4340-40-0x0000000000400000-0x0000000000536000-memory.dmp

Filesize
1.2MB

Download
memory/4340-0-0x0000000000400000-0x0000000000536000-memory.dmp

Filesize
1.2MB

Download
memory/4340-43-0x00000000022C0000-0x0000000002310000-memory.dmp

Filesize
320KB

Download
memory/4340-3-0x0000000002340000-0x0000000002341000-memory.dmp

Filesize
4KB

Download
memory/4340-33-0x0000000002E50000-0x0000000002F50000-memory.dmp

Filesize
1024KB

Download
memory/4340-41-0x0000000002E50000-0x0000000002E51000-memory.dmp

Filesize
4KB

Download
memory/4340-44-0x0000000002E50000-0x0000000002E51000-memory.dmp

Filesize
4KB

Download
memory/4340-35-0x0000000002E50000-0x0000000002F50000-memory.dmp

Filesize
1024KB

Download
memory/4340-38-0x0000000002E50000-0x0000000002F50000-memory.dmp

Filesize
1024KB

Download
memory/4340-1-0x00000000022C0000-0x0000000002310000-memory.dmp

Filesize
320KB

Download
memory/4340-42-0x0000000002E50000-0x0000000002E51000-memory.dmp

Filesize
4KB

Download
memory/4608-45-0x0000000002C50000-0x0000000002C51000-memory.dmp

Filesize
4KB

Download
memory/4608-49-0x0000000002D10000-0x0000000002E10000-memory.dmp

Filesize
1024KB

Download
memory/4608-46-0x0000000002C40000-0x0000000002C46000-memory.dmp

Filesize
24KB

Download
memory/4608-47-0x0000000002D10000-0x0000000002E10000-memory.dmp

Filesize
1024KB

Download
memory/4608-48-0x0000000002D10000-0x0000000002E10000-memory.dmp

Filesize
1024KB

Download
memory/4608-50-0x0000000002D10000-0x0000000002E10000-memory.dmp

Filesize
1024KB

Download
memory/4608-51-0x0000000002D10000-0x0000000002E10000-memory.dmp

Filesize
1024KB

Download
memory/4608-59-0x0000000002D10000-0x0000000002E10000-memory.dmp

Filesize
1024KB

Download
memory/4608-53-0x0000000002D10000-0x0000000002E10000-memory.dmp

Filesize
1024KB

Download
memory/4608-54-0x0000000002D10000-0x0000000002E10000-memory.dmp

Filesize
1024KB

Download
memory/4608-55-0x0000000002D10000-0x0000000002E10000-memory.dmp

Filesize
1024KB

Download
memory/4608-92-0x0000000000400000-0x0000000000536000-memory.dmp

Filesize
1.2MB

Download
memory/4608-58-0x0000000002D10000-0x0000000002E10000-memory.dmp

Filesize
1024KB

Download
memory/4608-57-0x0000000002D10000-0x0000000002E10000-memory.dmp

Filesize
1024KB

Download
memory/4608-52-0x0000000002D10000-0x0000000002E10000-memory.dmp

Filesize
1024KB

Download
memory/4608-60-0x0000000002D10000-0x0000000002E10000-memory.dmp

Filesize
1024KB

Download
memory/4608-63-0x0000000002D10000-0x0000000002E10000-memory.dmp

Filesize
1024KB

Download
memory/4608-62-0x0000000002D10000-0x0000000002E10000-memory.dmp

Filesize
1024KB

Download
memory/4608-61-0x0000000002D10000-0x0000000002E10000-memory.dmp

Filesize
1024KB

Download
memory/4608-65-0x0000000002D10000-0x0000000002E10000-memory.dmp

Filesize
1024KB

Download
memory/4608-66-0x0000000002D10000-0x0000000002E10000-memory.dmp

Filesize
1024KB

Download
memory/4608-68-0x0000000002D10000-0x0000000002E10000-memory.dmp

Filesize
1024KB

Download
memory/4608-67-0x0000000002D10000-0x0000000002E10000-memory.dmp

Filesize
1024KB

Download
memory/4608-64-0x0000000002D10000-0x0000000002E10000-memory.dmp

Filesize
1024KB

Download
memory/4608-56-0x0000000002D10000-0x0000000002E10000-memory.dmp

Filesize
1024KB

Download