581dae7d1fbe30dc7fb6d343cb749f1445de1031e9fa1215a49b9e64cc8aa5a6

Analysis

max time kernel
11s
max time network
52s
platform
windows10-2004_x64
resource
win10v2004-20240226-en
resource tags

arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
submitted
25/03/2024, 10:59

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

ddd8c093f1159d62ec339b5f708028a2.exe
Size

13.2MB
MD5

ddd8c093f1159d62ec339b5f708028a2
SHA1

deb1313768486adb85a3fd8fde62405c26b3be5e
SHA256

581dae7d1fbe30dc7fb6d343cb749f1445de1031e9fa1215a49b9e64cc8aa5a6
SHA512

0cc7e020787c2cb9d6e39e9b14c3d39fd8724366906c3afd59f0b2e16acccb7ed51dfec2ab15fbe234e62a567f2e67a8878befe911fc70e3298682fb27d6d2b2
SSDEEP

49152:EQFRHrmQG+yrwrTyRpL3rwrIrwrTvL3rwrtwrIrSRpL3rwrIrwrTvL3rwrtwrIrr:EcKTy/

Score

7^/10

Malware Config

Signatures

Executes dropped EXE 1 IoCs

pid	Process
1544	ae.exe

Suspicious use of SetWindowsHookEx 2 IoCs

pid	Process
1544	ae.exe
1544	ae.exe

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 416 wrote to memory of 1544	416	ddd8c093f1159d62ec339b5f708028a2.exe	91
PID 416 wrote to memory of 1544	416	ddd8c093f1159d62ec339b5f708028a2.exe	91
PID 416 wrote to memory of 1544	416	ddd8c093f1159d62ec339b5f708028a2.exe	91

C:\Users\Admin\AppData\Local\Temp\ddd8c093f1159d62ec339b5f708028a2.exe
"C:\Users\Admin\AppData\Local\Temp\ddd8c093f1159d62ec339b5f708028a2.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:416
- C:\Users\Admin\AppData\Local\Temp\ae.exe
  C:\Users\Admin\AppData\Local\Temp\ae.exe -run C:\Users\Admin\AppData\Local\Temp\ddd8c093f1159d62ec339b5f708028a2.exe
  2⤵
  - Executes dropped EXE
  - Suspicious use of SetWindowsHookEx
  PID:1544

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Temp\ae.exe

Filesize
1024KB

MD5
8e9d366cc77ee61f659f8ddc9a2b3095

SHA1
7b4acf00e1f7f927c81a8b5b90b83bfd7bc9ebe2

SHA256
7c18091fe25c397c69a0ae0a7736a4d1b517149b70ec14dc0f49d8c1d9d8f365

SHA512
dcf454407a8b1890bf10519f4c5f6293f3a2724c9d245c9da4c128b1c8173d2b7b96ab8779f0c45019c7b10579a2e1a0064fce8b69e0b759a71550cd67aab110

Download Submit
C:\Users\Admin\AppData\Local\Temp\ae.exe

Filesize
898KB

MD5
dc6350864fc92ccdba271af0ae48cc1e

SHA1
4368718dd05f03002f68a03685e6cf96a16027e2

SHA256
5b677ab93c14e94e440703cd4baaf7163d072a7b61c32ceef7f17ed3e03a6486

SHA512
5070025f177c5a54d2ea49fe07fc5e194e4dc39e71f46fbbe5ef22f4c5bdc6e62a94d6c17ad9abc523987ae2bbddcb418c54164cf53b62f1db7f24cc4e8005eb

Download Submit
memory/416-26-0x0000000002610000-0x0000000002611000-memory.dmp

Filesize
4KB

Download
memory/416-38-0x0000000002E60000-0x0000000002F60000-memory.dmp

Filesize
1024KB

Download
memory/416-5-0x00000000024A0000-0x00000000024A1000-memory.dmp

Filesize
4KB

Download
memory/416-3-0x0000000002310000-0x0000000002311000-memory.dmp

Filesize
4KB

Download
memory/416-6-0x00000000022E0000-0x00000000022E1000-memory.dmp

Filesize
4KB

Download
memory/416-7-0x0000000002490000-0x0000000002491000-memory.dmp

Filesize
4KB

Download
memory/416-8-0x00000000024D0000-0x00000000024D1000-memory.dmp

Filesize
4KB

Download
memory/416-9-0x0000000002DB0000-0x0000000002DB1000-memory.dmp

Filesize
4KB

Download
memory/416-10-0x00000000024B0000-0x00000000024B1000-memory.dmp

Filesize
4KB

Download
memory/416-11-0x0000000002DA0000-0x0000000002DA2000-memory.dmp

Filesize
8KB

Download
memory/416-13-0x0000000002530000-0x0000000002531000-memory.dmp

Filesize
4KB

Download
memory/416-12-0x0000000002570000-0x0000000002571000-memory.dmp

Filesize
4KB

Download
memory/416-14-0x0000000002520000-0x0000000002521000-memory.dmp

Filesize
4KB

Download
memory/416-15-0x0000000002550000-0x0000000002551000-memory.dmp

Filesize
4KB

Download
memory/416-16-0x0000000002510000-0x0000000002511000-memory.dmp

Filesize
4KB

Download
memory/416-17-0x0000000002540000-0x0000000002541000-memory.dmp

Filesize
4KB

Download
memory/416-18-0x0000000002580000-0x0000000002581000-memory.dmp

Filesize
4KB

Download
memory/416-19-0x0000000002590000-0x0000000002591000-memory.dmp

Filesize
4KB

Download
memory/416-21-0x00000000025E0000-0x00000000025E1000-memory.dmp

Filesize
4KB

Download
memory/416-20-0x0000000002620000-0x0000000002621000-memory.dmp

Filesize
4KB

Download
memory/416-23-0x0000000002600000-0x0000000002601000-memory.dmp

Filesize
4KB

Download
memory/416-22-0x00000000025D0000-0x00000000025D1000-memory.dmp

Filesize
4KB

Download
memory/416-24-0x00000000025C0000-0x00000000025C1000-memory.dmp

Filesize
4KB

Download
memory/416-25-0x00000000025F0000-0x00000000025F1000-memory.dmp

Filesize
4KB

Download
memory/416-4-0x00000000022F0000-0x00000000022F1000-memory.dmp

Filesize
4KB

Download
memory/416-42-0x0000000002E60000-0x0000000002F60000-memory.dmp

Filesize
1024KB

Download
memory/416-0-0x0000000000400000-0x0000000000536000-memory.dmp

Filesize
1.2MB

Download
memory/416-29-0x0000000002E60000-0x0000000002F60000-memory.dmp

Filesize
1024KB

Download
memory/416-30-0x0000000002E60000-0x0000000002F60000-memory.dmp

Filesize
1024KB

Download
memory/416-31-0x0000000002E60000-0x0000000002F60000-memory.dmp

Filesize
1024KB

Download
memory/416-32-0x0000000002E60000-0x0000000002F60000-memory.dmp

Filesize
1024KB

Download
memory/416-33-0x0000000002E60000-0x0000000002F60000-memory.dmp

Filesize
1024KB

Download
memory/416-34-0x0000000002E60000-0x0000000002F60000-memory.dmp

Filesize
1024KB

Download
memory/416-36-0x0000000002E60000-0x0000000002F60000-memory.dmp

Filesize
1024KB

Download
memory/416-37-0x0000000002E60000-0x0000000002F60000-memory.dmp

Filesize
1024KB

Download
memory/416-28-0x0000000002E60000-0x0000000002F60000-memory.dmp

Filesize
1024KB

Download
memory/416-39-0x0000000002E60000-0x0000000002F60000-memory.dmp

Filesize
1024KB

Download
memory/416-40-0x0000000002E60000-0x0000000002F60000-memory.dmp

Filesize
1024KB

Download
memory/416-2-0x00000000024C0000-0x00000000024C1000-memory.dmp

Filesize
4KB

Download
memory/416-45-0x0000000000400000-0x0000000000536000-memory.dmp

Filesize
1.2MB

Download
memory/416-48-0x0000000002E60000-0x0000000002E61000-memory.dmp

Filesize
4KB

Download
memory/416-1-0x0000000002340000-0x0000000002390000-memory.dmp

Filesize
320KB

Download
memory/416-46-0x0000000002E60000-0x0000000002E61000-memory.dmp

Filesize
4KB

Download
memory/416-47-0x0000000002340000-0x0000000002390000-memory.dmp

Filesize
320KB

Download
memory/416-27-0x0000000002D90000-0x0000000002D96000-memory.dmp

Filesize
24KB

Download
memory/1544-52-0x0000000002AD0000-0x0000000002AD1000-memory.dmp

Filesize
4KB

Download
memory/1544-54-0x0000000002CB0000-0x0000000002CB1000-memory.dmp

Filesize
4KB

Download
memory/1544-51-0x0000000002AD0000-0x0000000002AD1000-memory.dmp

Filesize
4KB

Download
memory/1544-50-0x0000000002680000-0x0000000002681000-memory.dmp

Filesize
4KB

Download
memory/1544-49-0x0000000002C70000-0x0000000002C71000-memory.dmp

Filesize
4KB

Download
memory/1544-53-0x0000000002AD0000-0x0000000002AD1000-memory.dmp

Filesize
4KB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads