Analysis

  • max time kernel
    149s
  • max time network
    151s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240508-en
  • resource tags
    arch:x64, arch:x86, image:win10v2004-20240508-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    22-05-2024 02:36

General

  • Target

    ef1dea9884255955e28f2bb38975b56b3de3e6abb1f427375a64c69c8d364452.exe

  • Size

    1.6MB

  • MD5

    1be3537b62638d17694413a8fda27a34

  • SHA1

    590f2a1994fd61f0672c73c43122190337e5cfbc

  • SHA256

    ef1dea9884255955e28f2bb38975b56b3de3e6abb1f427375a64c69c8d364452

  • SHA512

    d1e1884416ca8830d163411bcec559cc8c8c8b5e5886b4dc2d04da3f7d0e5953325f89315b771f11105bc7634c6023f27f2cceeff314c72c8cd1221d9ed34484

  • SSDEEP

    49152:m2EYTb8atv1orq+pEiSDTj1VyvBaefGYmHQOgYi:DXbIrqi6gY

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 1 IoCs
  • Suspicious use of FindShellTrayWindow 44 IoCs
  • Suspicious use of SendNotifyMessage 44 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\ef1dea9884255955e28f2bb38975b56b3de3e6abb1f427375a64c69c8d364452.exe
    "C:\Users\Admin\AppData\Local\Temp\ef1dea9884255955e28f2bb38975b56b3de3e6abb1f427375a64c69c8d364452.exe"
    • Loads dropped DLL
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    PID:2440

Network

MITRE ATT&CK Matrix

Downloads

  • C:\ProgramData\etlet.db

    Filesize

    681KB

    MD5

    62bbc3b087c803260c0c63595cf872ee

    SHA1

    d20ef5cbc0689786faae2a6c235e054b59641b51

    SHA256

    0da1da4e5ec6650654f2114f8fcbbfe196085414c9768a6b72ee0ca546da13f8

    SHA512

    75661e62e7bd0c15baae37bd5224440cc6532a5565608aca88a216fe8e8a18d0595b75bfe5c330fd0cb939abcf60fe565e3aeb743c11dabfc39b50a8b203e257