Analysis
-
max time kernel
118s -
max time network
124s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
-
submitted
27-03-2024 12:56
General
-
Target
e1b8626df1ebcd9f98514e4e2ffc0add.exe
-
Size
260KB
-
MD5
e1b8626df1ebcd9f98514e4e2ffc0add
-
SHA1
c2d4081cfc7469ba6df9191ba067d1c5c4b8275f
-
SHA256
3de0b47a7d7884b2a5496a2e8841b22951fd73d97ae6ea37703d0e5ed40a01c4
-
SHA512
6f9cfcae079f9b029bae5eefb518892d40109bd847660e65733f98615b72689f6c5a632b279d5e145d2d41d3591880e9c077f9671b9e01bd2064acd7dbdf5926
-
SSDEEP
3072:838uofGAT2AkfKtoDBI/CuSruE6B2v1khScooMfg5wDPpcd0QBy/z2zRmA7lEIz0:8MuofQA42VN2v12kffg5wTtcSi9pz
Score
7/10
Malware Config
Signatures
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 2 IoCs
-
Adds Run key to start application 2 TTPs 1 IoCs
-
Drops file in System32 directory 1 IoCs
-
Suspicious use of SetWindowsHookEx 2 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\e1b8626df1ebcd9f98514e4e2ffc0add.exe"C:\Users\Admin\AppData\Local\Temp\e1b8626df1ebcd9f98514e4e2ffc0add.exe"1⤵
- Loads dropped DLL
- Adds Run key to start application
- Drops file in System32 directory
- Suspicious use of WriteProcessMemory
-
C:\Windows\SysWOW64\rund11.exeC:\Windows\system32\rund11.exe2⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
216KB
MD5fc1f24bba58f4d95ce4b3e749d793686
SHA1385447cb9bcc377fc7e606b278eeeac08c7c7170
SHA2560940204dd60fe1bed1c70b1d10a18e3d03e2719661453c4714a7f65c95e90745
SHA512f1ba3d81b2896f42c3e7dc70fa6c3abccdf9568588182c8058792bf74052507f4c8986793d694d73f6898fc9a9db05b8c13a13e45d17e187f9f7492671b3bfd5