Analysis
-
max time kernel
118s -
max time network
118s -
platform
windows7_x64 -
resource
win7-20240419-en -
resource tags
arch:x64arch:x86image:win7-20240419-enlocale:en-usos:windows7-x64system -
submitted
06-05-2024 08:57
Behavioral task
behavioral1
Sample
Challan.exe
Resource
win7-20240419-en
windows7-x64
3 signatures
150 seconds
Behavioral task
behavioral2
Sample
Challan.exe
Resource
win10v2004-20240226-en
windows10-2004-x64
3 signatures
150 seconds
General
-
Target
Challan.exe
-
Size
472KB
-
MD5
6add675acc1977a20b91156a9bf45e19
-
SHA1
bd6af2df5e3f1390110a2adbffb99c05c398ccbf
-
SHA256
04a220a495f57cf0cfc48376ade49c969ed074e0011205247a6d71877912b0c7
-
SHA512
975695d0eb5006a28ca8df0d29d9456aaf20bec83cedca037c5acc88e2c72f44eb2bb1a1928e5495d1c844f5f39f4c71e9e42db477eea26e8da3de60cc071338
-
SSDEEP
12288:gLKvOdhkkIXS3y1+T46A9jmP/uhu/yMS08CkntxYR:B2dhkc3FkfmP/UDMS08Ckn3
Score
3/10
Malware Config
Signatures
-
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).
-
Suspicious use of SetWindowsHookEx 3 IoCs
pid Process 2204 Challan.exe 2204 Challan.exe 2204 Challan.exe -
Suspicious use of WriteProcessMemory 4 IoCs
description pid Process procid_target PID 2204 wrote to memory of 2252 2204 Challan.exe 28 PID 2204 wrote to memory of 2252 2204 Challan.exe 28 PID 2204 wrote to memory of 2252 2204 Challan.exe 28 PID 2204 wrote to memory of 2252 2204 Challan.exe 28