Overview

overview

7

Static

static

3

5b097985c1...3e.exe

windows7-x64

7

5b097985c1...3e.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    118s
  • max time network
    119s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags

    arch:x64arch:x86image:win7-20231129-enlocale:en-usos:windows7-x64system
  • submitted
    21/04/2024, 22:05

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    5b097985c18c6f389298a41d1fbf4eb5987bb6a09f1971aeb264b17d459f163e.exe

  • Size

    1.2MB

  • MD5

    34b7b5828009888885d641f1fc270b26

  • SHA1

    0a919dc427866b4e224bc2b0824ca9e4e73469fe

  • SHA256

    5b097985c18c6f389298a41d1fbf4eb5987bb6a09f1971aeb264b17d459f163e

  • SHA512

    2625a76e1ee6513e82afb25c7a09953fc56b4ff9c8ef18b7fd0513bea850813f47eb7562eb7bdd6a996b7c5b012dfb98b2a5fc145e87d609e8d5d3dd13e91aec

  • SSDEEP

    24576:JhzmtwaLyr8m2M4uhNOHaEYylEZ0hoXRPG+k70xzz8IjLfZevZL8c/U7Nir:Jhzm/qcOhNr/qEZ0r+e0xzz8IH8vicci

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 5 IoCs
  • Suspicious use of SetWindowsHookEx 64 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\5b097985c18c6f389298a41d1fbf4eb5987bb6a09f1971aeb264b17d459f163e.exe
    "C:\Users\Admin\AppData\Local\Temp\5b097985c18c6f389298a41d1fbf4eb5987bb6a09f1971aeb264b17d459f163e.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of SetWindowsHookEx
    PID:2548

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • \Users\Admin\AppData\Local\Temp\E_N4\ExtMenu.fnr
    Filesize

    188KB

    MD5

    815f7b24563a687ac83d177487463171

    SHA1

    3fa8bcd99cebee884856c99f95f85f409fccd4ca

    SHA256

    60b2b63afe9f1f8b30acd7d947665c45907006a557e217f2df606345459abdc3

    SHA512

    1f72231f285db33ac074bace4c0c9577f806378a695e2db07a7fd4e1327e51886cc04b9b83b61e3abf349c6cfc6014cee5a78b6c867f7dc91a63ebfe461595b2

    Download Submit

  • \Users\Admin\AppData\Local\Temp\E_N4\edroptarget.fne
    Filesize

    156KB

    MD5

    ca77aec89bd2f81bbef77ff26b88148a

    SHA1

    27e8eb70f218d5d085344fce21653dc31e0dda29

    SHA256

    1eaf42e6c734eb332f0edf7d3cf7c408f72b3267ae5408675d3604a6b23319d2

    SHA512

    985592f5a0c5916b1dc83079f17abb0fb4fb20aeb8b9a9d6ffd1b196eeda45d5d2393654cee3e6c1405d431f2fd55403ce734d75a948fdc56fea2d67217067cf

    Download Submit

  • \Users\Admin\AppData\Local\Temp\E_N4\iext.fnr
    Filesize

    216KB

    MD5

    3f1b2b497172b65f7bb15453d0d93de0

    SHA1

    e24556e47ced0b6ae6b89a5e280b83e15ed42e8a

    SHA256

    4f9ad22aa55455f56619e76a01afeb337e1f28f61c7dde5869eb2a6d8776581e

    SHA512

    8837e6108ffde548674487c5ebba3e3dbee8bfafa5727470d3ebaeec039baefc6dc3d756a199f4fb334754985288f0a5577b32eb41fbd69295fc9681354cd3f2

    Download Submit

  • \Users\Admin\AppData\Local\Temp\E_N4\iext2.fne
    Filesize

    492KB

    MD5

    dba5fdbe7ec94463b3f6fdf2162c9f95

    SHA1

    a97137b4f2b77166b2a23da1f58e0bdb7365f4f2

    SHA256

    a8b14f31098a191631696db5ddc77e029b48999542e0ec15b63df02220c66d37

    SHA512

    325439bb5fe0e18e08cd547e9e9d505aa5b1ee51a436cb155254cfb04d318679e7a016cc2e72ffaba49bed20e15e85b26fd2a22e726e211650317218dde53ba6

    Download Submit

  • \Users\Admin\AppData\Local\Temp\E_N4\krnln.fnr
    Filesize

    1.0MB

    MD5

    44e2ca67c060fbe3dc0d030149f5a478

    SHA1

    5df61eb626bc3849893701942114609c1086d496

    SHA256

    6ced19283dbbb95f264448f380592f4e98ba8228efca2f68821ab3ae61029d93

    SHA512

    1a348c7585d78dd68c1d0e059ea1d7cea57c1aeff734f834f75025719b9fdd0e9bb16aebe75e15502a1b83106387eaa9493b8990999e0a68b62c1afdbc8cf45e

    Download Submit

  • memory/2548-0-0x0000000000400000-0x000000000043A000-memory.dmp

    Filesize

    232KB

    Download

  • memory/2548-9-0x0000000001F00000-0x0000000001F44000-memory.dmp

    Filesize

    272KB

    Download

  • memory/2548-13-0x0000000001FB0000-0x000000000203B000-memory.dmp

    Filesize

    556KB

    Download

  • memory/2548-17-0x00000000003D0000-0x00000000003FA000-memory.dmp

    Filesize

    168KB

    Download

  • memory/2548-21-0x0000000002040000-0x000000000207F000-memory.dmp

    Filesize

    252KB

    Download

  • memory/2548-24-0x0000000000400000-0x000000000043A000-memory.dmp

    Filesize

    232KB

    Download