Analysis
-
max time kernel
149s -
max time network
150s -
platform
windows10-2004_x64 -
resource
win10v2004-20240226-en -
resource tags
-
submitted
27/03/2024, 15:08
General
-
Target
e1f6f896e9cf32e8886c4c6f86a23868.exe
-
Size
258KB
-
MD5
e1f6f896e9cf32e8886c4c6f86a23868
-
SHA1
3d24066aad405837cec45b5e9e73a734acc373e6
-
SHA256
cfe8e2a7e37cee1f4a2871ce5ee3b27e97a52085161788751b051394e2b235d5
-
SHA512
b1b94aaed49f29326171f3959615bac413bf46bea45783312f1ef2d874dbcf84f3bd11b41cd21ab344b52463f354368ab308007201c061cbf74319bba09a97b3
-
SSDEEP
6144:dDMbIIJdEmxZzFRIpQy9W4lyLHWyPEuSl4L1OZWyZ:dIbJTRIpFWnzVPntLkE
Score
7/10
Malware Config
Signatures
-
Loads dropped DLL 1 IoCs
-
Drops file in System32 directory 1 IoCs
-
Program crash 1 IoCs
-
Suspicious use of SetWindowsHookEx 1 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\e1f6f896e9cf32e8886c4c6f86a23868.exe"C:\Users\Admin\AppData\Local\Temp\e1f6f896e9cf32e8886c4c6f86a23868.exe"1⤵
- Loads dropped DLL
- Drops file in System32 directory
- Suspicious use of SetWindowsHookEx
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 3124 -s 5442⤵
- Program crash
-
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -pss -s 468 -p 3124 -ip 31241⤵
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
211KB
MD5d2541e52b63376ad4c3fee4bc5e5368a
SHA1227d23c0afad47c532c1566a1fb746e5b41877c3
SHA256a1308f23f6096c57a9117556942755ae74f730a71795aed46648dd48f80493c9
SHA51267ba72eac7fd08eccec445c6efe7a48d52a9339df86301ab27b53a91864a9cbecd20bcf4ed7022656df8ac411daf3bd3e1d0efbb45db67456845eb18e4f2779c
-
Filesize
52KB
-
Filesize
264KB
-
Filesize
44KB
-
Filesize
264KB