Overview

overview

7

Static

static

3

bafe6b2303...f7.exe

windows7-x64

7

bafe6b2303...f7.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    132s
  • max time network
    129s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240426-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240426-enlocale:en-usos:windows10-2004-x64system
  • submitted
    23/05/2024, 19:09

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    bafe6b23034fd195c7a46fef14d4bbe0404581a44aa872bad6a0256b4aa3d7f7.exe

  • Size

    4.2MB

  • MD5

    9297007cb1d0f4e7c92e359b5b397e82

  • SHA1

    25c1f2a87c50035bdaf30fb5613a468d8501e3aa

  • SHA256

    bafe6b23034fd195c7a46fef14d4bbe0404581a44aa872bad6a0256b4aa3d7f7

  • SHA512

    30c59daa598e3962c41115d85515042306ab5e55e40de6286fc91cf2837c29c14f5a45f1f275bc8fa8bfe3b26d3dee49566d72b758d1aa32a8ead62c10c00606

  • SSDEEP

    98304:xSqH8bF8PGTX3jHbT+2mLh1y61/Vx9cSGLLB4:JaFLTnj7TzmL3d1/Vx96

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 1 IoCs
  • Suspicious use of SetWindowsHookEx 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\bafe6b23034fd195c7a46fef14d4bbe0404581a44aa872bad6a0256b4aa3d7f7.exe
    "C:\Users\Admin\AppData\Local\Temp\bafe6b23034fd195c7a46fef14d4bbe0404581a44aa872bad6a0256b4aa3d7f7.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of SetWindowsHookEx
    PID:1632

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\ExuiKrnln_Win32_20230328.lib
    Filesize

    1.5MB

    MD5

    2070d0a077b92eebdf0bac7800b499b4

    SHA1

    ab2f99140bffe587cf8de0ea6b026f4ea274a9a4

    SHA256

    56990fcca5334ec1ad6e43f9361a5624ecee7fbd0af3f0ccafbcaa628e2fe63a

    SHA512

    26005f812e7a4e7caeb4a582deba57ce1cbc7744cd1ed2912124e783d339719b90f99e149d7ca1111b6b44f6cf6844440695f60657c9d8ce44b895c31e19789f

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Wlog.txt
    Filesize

    351B

    MD5

    573c55670aa6c59cd18300e25c523649

    SHA1

    4be6b911ec23cb1dbafd3a690cb83747cd9932e1

    SHA256

    6e70abbf7a75799b7d4a76ea1c1655dd6fb4770d166670b979da9f62953d6cc1

    SHA512

    813ea863172d701dc1d4a588981a975489c275c99c4dc30a81fba5f62a3146efcd59544f5f1c27abf64507cbf3b2cff1825ecbebede2bf235e0211fb786821ce

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Wlog.txt
    Filesize

    657B

    MD5

    874980a919bd06a981abc9398de75c53

    SHA1

    7cd616126019ee18809829531c557cb8eadf6a1d

    SHA256

    8385b6e8ab017d1404c5d879563e2f0cc731c180b80962b76916d340d6c21779

    SHA512

    7a3d41813f5491c298b5a43faf7ac5b136860f4251166900a08d339bbde2ac0561f01fd6dc26fe4d4e1fd621f2e37ef2bf31e45de53c8cee9b95e03a11889dd6

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Wlog.txt
    Filesize

    1KB

    MD5

    4fa1b59031f53879fc6eb4a9f6718669

    SHA1

    699c1ca5025948a51442df56858cea0b5326d74d

    SHA256

    eb55f4c4d84f0224672edb8cf2999446486b02067b1c13af1ffedc09313e8039

    SHA512

    3a6baec373300ab9fb338207fd6fd69eeb20c8f340dd36aad4857f5c7aa455c82243aa0dde33da17fbc069e02bd6aabad463379496bbd51b1aab985cc9fe2960

    Download Submit

  • memory/1632-0-0x0000000000400000-0x0000000000858000-memory.dmp

    Filesize

    4.3MB

    Download

  • memory/1632-51-0x0000000000400000-0x0000000000858000-memory.dmp

    Filesize

    4.3MB

    Download