Overview

overview

6

Static

static

3

5c3eb8c100...46.exe

windows7-x64

6

5c3eb8c100...46.exe

windows10-2004-x64

6

Analysis

  • max time kernel
    150s
  • max time network
    149s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    15-05-2024 10:03

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    5c3eb8c100cef5725d79a35664e58646.exe

  • Size

    105KB

  • MD5

    5c3eb8c100cef5725d79a35664e58646

  • SHA1

    658426503b19ace88e5781a57f805677474612d9

  • SHA256

    54dc7635c51ecd94cfe8e45cbac2e52191867b9ff0465d778ee5a200bb832c22

  • SHA512

    c2e52912c4fa060ca355b4413f379d51ed757ef609b8bb6060e9e2f3686bfaefc101515c1d5b179e5334ff27f36e01de9b4756eba29f1ce311b7dce74d7038ce

  • SSDEEP

    1536:MTJxeSgVJ43R2N8gW7YI4z1w+8X5QbdoRPqUw35:M1xeSU4h2NQ7YfF0qn

Score
6/10

Malware Config

Signatures

  • Enumerates connected drives 3 TTPs 22 IoCs

    Attempts to read the root path of hard drives other than the default C: drive.

  • Suspicious behavior: EnumeratesProcesses 49 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\5c3eb8c100cef5725d79a35664e58646.exe
    "C:\Users\Admin\AppData\Local\Temp\5c3eb8c100cef5725d79a35664e58646.exe"
    1⤵
    • Enumerates connected drives
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of SetWindowsHookEx
    PID:2076

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/2076-1-0x0000000000400000-0x000000000041D000-memory.dmp

    Filesize

    116KB

    Download

  • memory/2076-0-0x0000000000401000-0x0000000000403000-memory.dmp

    Filesize

    8KB

    Download

  • memory/2076-4-0x0000000000360000-0x0000000000382000-memory.dmp

    Filesize

    136KB

    Download

  • memory/2076-15-0x0000000000360000-0x0000000000382000-memory.dmp

    Filesize

    136KB

    Download

  • memory/2076-16-0x0000000000360000-0x0000000000382000-memory.dmp

    Filesize

    136KB

    Download

  • memory/2076-17-0x0000000000360000-0x0000000000382000-memory.dmp

    Filesize

    136KB

    Download

  • memory/2076-18-0x0000000002890000-0x00000000028C8000-memory.dmp

    Filesize

    224KB

    Download

  • memory/2076-19-0x0000000002890000-0x00000000028C8000-memory.dmp

    Filesize

    224KB

    Download

  • memory/2076-20-0x0000000002890000-0x00000000028C8000-memory.dmp

    Filesize

    224KB

    Download

  • memory/2076-21-0x0000000002890000-0x00000000028C8000-memory.dmp

    Filesize

    224KB

    Download

  • memory/2076-22-0x0000000000360000-0x0000000000382000-memory.dmp

    Filesize

    136KB

    Download

  • memory/2076-23-0x0000000000360000-0x0000000000382000-memory.dmp

    Filesize

    136KB

    Download