4d3af1ed8aaedcf801e5def945610b6250d1c1344e0bada32648cd4624f3a2b3

Analysis

max time kernel
122s
max time network
128s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
26-05-2024 13:00

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

4d3af1ed8aaedcf801e5def945610b6250d1c1344e0bada32648cd4624f3a2b3.exe
Size

14.7MB
MD5

236e5b419ae1b3850791af6565486386
SHA1

09780d4bdfde8f6f754be3b8158d5ebc7cade4b6
SHA256

4d3af1ed8aaedcf801e5def945610b6250d1c1344e0bada32648cd4624f3a2b3
SHA512

bd19a823617cdc98d3bfbda705de24c62733d628883cad20ed7ee2f36b1bfcbc348b19e74e2bd03bcf8a2ed439b8fcd54f30222f316e788120ead7041eca001f
SSDEEP

393216:oKXNTkcyPOQYFXuGlwC6v1IGAUqu7rk/QuNmuipAAAEHfQDW:oKacyPOQYFeMwC6yGAfgrSr

Score

1^/10

Malware Config

Signatures

Suspicious behavior: EnumeratesProcesses 3 IoCs

pid	Process
2032	4d3af1ed8aaedcf801e5def945610b6250d1c1344e0bada32648cd4624f3a2b3.exe
2032	4d3af1ed8aaedcf801e5def945610b6250d1c1344e0bada32648cd4624f3a2b3.exe
2032	4d3af1ed8aaedcf801e5def945610b6250d1c1344e0bada32648cd4624f3a2b3.exe

Suspicious use of SetWindowsHookEx 2 IoCs

pid	Process
2032	4d3af1ed8aaedcf801e5def945610b6250d1c1344e0bada32648cd4624f3a2b3.exe
2032	4d3af1ed8aaedcf801e5def945610b6250d1c1344e0bada32648cd4624f3a2b3.exe

C:\Users\Admin\AppData\Local\Temp\4d3af1ed8aaedcf801e5def945610b6250d1c1344e0bada32648cd4624f3a2b3.exe
"C:\Users\Admin\AppData\Local\Temp\4d3af1ed8aaedcf801e5def945610b6250d1c1344e0bada32648cd4624f3a2b3.exe"
1⤵
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of SetWindowsHookEx
PID:2032

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/2032-0-0x0000000000400000-0x0000000004623000-memory.dmp

Filesize
66.1MB

Download
memory/2032-35-0x0000000000360000-0x0000000000361000-memory.dmp

Filesize
4KB

Download
memory/2032-33-0x0000000000360000-0x0000000000361000-memory.dmp

Filesize
4KB

Download
memory/2032-30-0x0000000000350000-0x0000000000351000-memory.dmp

Filesize
4KB

Download
memory/2032-28-0x0000000000350000-0x0000000000351000-memory.dmp

Filesize
4KB

Download
memory/2032-25-0x0000000000340000-0x0000000000341000-memory.dmp

Filesize
4KB

Download
memory/2032-23-0x0000000000340000-0x0000000000341000-memory.dmp

Filesize
4KB

Download
memory/2032-20-0x00000000002A0000-0x00000000002A1000-memory.dmp

Filesize
4KB

Download
memory/2032-18-0x00000000002A0000-0x00000000002A1000-memory.dmp

Filesize
4KB

Download
memory/2032-15-0x0000000000290000-0x0000000000291000-memory.dmp

Filesize
4KB

Download
memory/2032-13-0x0000000000290000-0x0000000000291000-memory.dmp

Filesize
4KB

Download
memory/2032-11-0x0000000000290000-0x0000000000291000-memory.dmp

Filesize
4KB

Download
memory/2032-10-0x0000000000280000-0x0000000000281000-memory.dmp

Filesize
4KB

Download
memory/2032-8-0x0000000000280000-0x0000000000281000-memory.dmp

Filesize
4KB

Download
memory/2032-6-0x0000000000280000-0x0000000000281000-memory.dmp

Filesize
4KB

Download
memory/2032-5-0x0000000000270000-0x0000000000271000-memory.dmp

Filesize
4KB

Download
memory/2032-3-0x0000000000270000-0x0000000000271000-memory.dmp

Filesize
4KB

Download
memory/2032-1-0x0000000000270000-0x0000000000271000-memory.dmp

Filesize
4KB

Download
memory/2032-37-0x0000000000400000-0x0000000004623000-memory.dmp

Filesize
66.1MB

Download
memory/2032-39-0x0000000000400000-0x0000000004623000-memory.dmp

Filesize
66.1MB

Download
memory/2032-38-0x0000000003421000-0x0000000003775000-memory.dmp

Filesize
3.3MB

Download
memory/2032-40-0x0000000000400000-0x0000000004623000-memory.dmp

Filesize
66.1MB

Download
memory/2032-41-0x0000000000400000-0x0000000004623000-memory.dmp

Filesize
66.1MB

Download
memory/2032-44-0x0000000000400000-0x0000000004623000-memory.dmp

Filesize
66.1MB

Download
memory/2032-45-0x0000000000400000-0x0000000004623000-memory.dmp

Filesize
66.1MB

Download