Overview

overview

10

Static

static

10

Challan.exe

windows7-x64

3

Challan.exe

windows10-2004-x64

3

Analysis

  • max time kernel
    118s
  • max time network
    118s
  • platform
    windows7_x64
  • resource
    win7-20240419-en
  • resource tags

    arch:x64arch:x86image:win7-20240419-enlocale:en-usos:windows7-x64system
  • submitted
    06-05-2024 08:57

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Challan.exe

  • Size

    472KB

  • MD5

    6add675acc1977a20b91156a9bf45e19

  • SHA1

    bd6af2df5e3f1390110a2adbffb99c05c398ccbf

  • SHA256

    04a220a495f57cf0cfc48376ade49c969ed074e0011205247a6d71877912b0c7

  • SHA512

    975695d0eb5006a28ca8df0d29d9456aaf20bec83cedca037c5acc88e2c72f44eb2bb1a1928e5495d1c844f5f39f4c71e9e42db477eea26e8da3de60cc071338

  • SSDEEP

    12288:gLKvOdhkkIXS3y1+T46A9jmP/uhu/yMS08CkntxYR:B2dhkc3FkfmP/UDMS08Ckn3

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Suspicious use of SetWindowsHookEx 3 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\Challan.exe
    "C:\Users\Admin\AppData\Local\Temp\Challan.exe"
    1⤵
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2204
    • C:\Windows\SysWOW64\cmd.exe
      cmd.exe /c C:\Users\Admin\AppData\Local\Temp\
      2⤵
        PID:2252

    Network

    MITRE ATT&CK Matrix ATT&CK v13

    Replay Monitor

    Loading Replay Monitor...

    Downloads