Resubmissions

10-04-2024 22:02

240410-1x6vwafg3x 3

10-04-2024 21:57

240410-1venlsff2y 10

Analysis

  • max time kernel
    40s
  • max time network
    52s
  • platform
    windows11-21h2_x64
  • resource
    win11-20240221-en
  • resource tags

    arch:x64, arch:x86, image:win11-20240221-en, locale:en-us, os:windows11-21h2-x64, system
  • submitted
    10-04-2024 22:02

General

  • Target

    real_real.exe

  • Size

    29KB

  • MD5

    0b9b0386b6cab83fe5a4c04c0b65c403

  • SHA1

    0be6dbb134443d33fa2ac5c9c6bb2647a1926cbc

  • SHA256

    b8d72c16abd24a1e51bb0eeacc7c457ebccd5e1fa57d2d642a526ee2d1e541bd

  • SHA512

    3bb96063f5bfc0c36ff348ce48042de65e2558100c5d57656aa046582442fc7adacc38aab31b575d896fa489a3bdebc30d70bfff61b715a8f0104ef6d865c313

  • SSDEEP

    768:CMLDLEGXaAi8MM9cmtqTbUq92pfAIxsXo:vUS9cIq92pI3o

Score
1/10

Malware Config

Signatures

  • Modifies registry class 1 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs
  • Suspicious use of WriteProcessMemory 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\real_real.exe
    "C:\Users\Admin\AppData\Local\Temp\real_real.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:4152
    • C:\Windows\system32\cmd.exe
      C:\Windows\system32\cmd.exe /c pause
      2⤵
        PID:3320
    • C:\Windows\System32\rundll32.exe
      C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
      1⤵
        PID:4200
      • C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\MiniSearchHost.exe
        "C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\MiniSearchHost.exe" -ServerName:MiniSearchUI.AppXj3y73at8fy1htwztzxs68sxx1v7cksp7.mca
        1⤵
        • Modifies registry class
        • Suspicious use of SetWindowsHookEx
        PID:4840

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Local\Packages\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\TempState\SearchHoverUnifiedTileModelCache.dat

    Filesize
    10KB

    MD5
    b1f935cbd0a4e7baeb4cfa73725bb226

    SHA1
    e5a5f4e788f95ccf950f745d01b8956dd14cb66c

    SHA256
    d7f24ca6d10c289d45cce23f5a19cebc0ea2b9c6b867f6b4b23c4effb08180a9

    SHA512
    8891f8904cf16da4ea8ccfc8bb993b6c0ad3beb7c146765d22e82388d2c4f4f01d84c2979b05b6c4bf11e1e93430454cc83dda012010ebf3369d94153327592d

  • C:\Users\Admin\AppData\Local\Packages\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\TempState\SearchHoverUnifiedTileModelCache.dat

    Filesize
    10KB

    MD5
    7a4466bae7aad5bf0c7614c27c1c762f

    SHA1
    641b97cf44744099e55c2bb62298dcf51f49d8bf

    SHA256
    786e91395d0c8b7d38dc5031255622d15e3e430492b3ab9a988969052253348b

    SHA512
    492c20017b0e4f1d6dbfbca7dcd4a91a37de1b2b5425c029e282386a0f6826e21e706be993158956a7fc40c1d1d0328257441f5db0788671eca7f3b042fd66c8