Overview

overview

10

Static

static

10

b4ca61e850...06.exe

windows7-x64

7

b4ca61e850...06.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    149s
  • max time network
    153s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    16/04/2024, 18:08

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    b4ca61e8505c676198caf69bb689ee8858ebe39e127b38eca4f6cd616f5c4c06.exe

  • Size

    6.6MB

  • MD5

    3e25e1fbc352c9234c2c26cba5b360cf

  • SHA1

    4210f11288da8ff3c4a5715e717facfa15bb3cd7

  • SHA256

    b4ca61e8505c676198caf69bb689ee8858ebe39e127b38eca4f6cd616f5c4c06

  • SHA512

    90eca6e6135b2efd0d8226c06b1ef5df7ef0a6d390d2a86ea4a01bf370e2003ebc34c39e8b5679662e7f50386bced1729269ec16a25b4d5ee1577d76768395f5

  • SSDEEP

    98304:EIZwB149VUGvwttNcpZL0FzJLwATuHzLCeTqga9fYWn8fH5hCZVG7zkRbC:EIc6VtwtLnyHKemgamoZVXRbC

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 1 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\b4ca61e8505c676198caf69bb689ee8858ebe39e127b38eca4f6cd616f5c4c06.exe
    "C:\Users\Admin\AppData\Local\Temp\b4ca61e8505c676198caf69bb689ee8858ebe39e127b38eca4f6cd616f5c4c06.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of SetWindowsHookEx
    PID:2960

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • \Users\Admin\AppData\Local\Temp\Love.dll
    Filesize

    5.9MB

    MD5

    d23a34e896bbbf10814f66e4f707b65a

    SHA1

    4ed83b3954d12ba3e3261ed50fee119879e16e22

    SHA256

    1284794e38d03433d5bfa309d28db82510ddf8bf889c1cf4cffd22ac4ebae714

    SHA512

    527a8b1d77f0f9c809141c29262c759e763b56f7ce70c64cc44dca6ad79b1ea3b8b2724b183aa315d31dff533be787a6d12182145dec6e76f72188d1832a2efc

    Download Submit

  • memory/2960-0-0x0000000000240000-0x000000000024D000-memory.dmp

    Filesize

    52KB

    Download

  • memory/2960-4-0x0000000010000000-0x00000000105BF000-memory.dmp

    Filesize

    5.7MB

    Download

  • memory/2960-5-0x0000000003880000-0x000000000409B000-memory.dmp

    Filesize

    8.1MB

    Download

  • memory/2960-6-0x00000000040A0000-0x000000000499A000-memory.dmp

    Filesize

    9.0MB

    Download

  • memory/2960-7-0x00000000023B0000-0x00000000023C6000-memory.dmp

    Filesize

    88KB

    Download

  • memory/2960-8-0x00000000023D0000-0x00000000023D2000-memory.dmp

    Filesize

    8KB

    Download

  • memory/2960-9-0x0000000002940000-0x0000000002941000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2960-10-0x0000000003880000-0x000000000409B000-memory.dmp

    Filesize

    8.1MB

    Download

  • memory/2960-11-0x00000000040A0000-0x000000000499A000-memory.dmp

    Filesize

    9.0MB

    Download

  • memory/2960-12-0x00000000023B0000-0x00000000023C6000-memory.dmp

    Filesize

    88KB

    Download

  • memory/2960-13-0x00000000023D0000-0x00000000023D2000-memory.dmp

    Filesize

    8KB

    Download