Overview

overview

10

Static

static

10

f151cd6e8e...df.exe

windows7-x64

10

f151cd6e8e...df.exe

windows10-2004-x64

3

Analysis

  • max time kernel
    149s
  • max time network
    154s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240319-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240319-enlocale:en-usos:windows10-2004-x64system
  • submitted
    25-03-2024 02:01

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    f151cd6e8e2a73bb0594cc6767d193d016fc88cc9973712a9dec06284b6b3adf.exe

  • Size

    29KB

  • MD5

    a051c849e389cec5636e4f0f9b080e8c

  • SHA1

    70228c5ab77e03193e527ccb995c5ec3b0c09b1a

  • SHA256

    f151cd6e8e2a73bb0594cc6767d193d016fc88cc9973712a9dec06284b6b3adf

  • SHA512

    cd0a2ba45982f81b24bc289fa3a4bf10da2f828c845d2a73ce62bea8729d95737eed6e59d70ac05606b6d97d4cd36d721b538975f01b0c837324c95d22dc2e75

  • SSDEEP

    384:EPqvANl7TxTD+VF2dbofPauxnaIuN15708COmqDk9jeHqGBsbh0w4wlAokw9Ohgd:ru75oa4fuTC8cqojeVBKh0p29SgR5d

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Modifies registry class 2 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\f151cd6e8e2a73bb0594cc6767d193d016fc88cc9973712a9dec06284b6b3adf.exe
    "C:\Users\Admin\AppData\Local\Temp\f151cd6e8e2a73bb0594cc6767d193d016fc88cc9973712a9dec06284b6b3adf.exe"
    1⤵
    • Modifies registry class
    PID:5000
  • C:\Windows\system32\OpenWith.exe
    C:\Windows\system32\OpenWith.exe -Embedding
    1⤵
    • Modifies registry class
    • Suspicious use of SetWindowsHookEx
    PID:548
  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=4080 --field-trial-handle=2244,i,11986678581565715302,451159359636456336,262144 --variations-seed-version /prefetch:8
    1⤵
      PID:4336

    Network

    MITRE ATT&CK Matrix ATT&CK v13

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/5000-0-0x0000000074870000-0x0000000074E21000-memory.dmp
      Filesize

      5.7MB

      Download
    • memory/5000-1-0x0000000001870000-0x0000000001880000-memory.dmp
      Filesize

      64KB

      Download
    • memory/5000-2-0x0000000074870000-0x0000000074E21000-memory.dmp
      Filesize

      5.7MB

      Download
    • memory/5000-6-0x0000000074870000-0x0000000074E21000-memory.dmp
      Filesize

      5.7MB

      Download