Overview

overview

10

Static

static

3

cryptolaemus

windows10-2004-x64

3

cryptolaemus

windows11-21h2-x64

10

Analysis

  • max time kernel
    93s
  • max time network
    96s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240426-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240426-enlocale:en-usos:windows10-2004-x64system
  • submitted
    27/05/2024, 11:10

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    8b24e43d325a556c6797cc7753f6a555d47b0c7f24bad99b2009baf8a0796065.exe

  • Size

    9.3MB

  • MD5

    598f99c870529c864b369aff4b27fc20

  • SHA1

    867bb49c288e93ac0fbd6631183373be56527c79

  • SHA256

    8b24e43d325a556c6797cc7753f6a555d47b0c7f24bad99b2009baf8a0796065

  • SHA512

    1114a296257e5092f714073ee8542fc6ed3cc14ccadad45a2ab452b219f1b71faacd6a071c83ac1cad8919d418536e7701c18982bdc58aca5cc8421bb43f1973

  • SSDEEP

    24576:IGAbS7ZX8hjUTgcUjChFMT9ChBZCWERAmpJKOf7ygPYoU1RI5tsBydOfC/zg347N:/1RTxUmiTIhHicg1U1RI5tsB4772qc2

Score
3/10

Malware Config

Signatures

  • Program crash 1 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\8b24e43d325a556c6797cc7753f6a555d47b0c7f24bad99b2009baf8a0796065.exe
    "C:\Users\Admin\AppData\Local\Temp\8b24e43d325a556c6797cc7753f6a555d47b0c7f24bad99b2009baf8a0796065.exe"
    1⤵
    • Suspicious use of SetWindowsHookEx
    PID:852
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -u -p 852 -s 1388
      2⤵
      • Program crash
      PID:3768
  • C:\Windows\SysWOW64\WerFault.exe
    C:\Windows\SysWOW64\WerFault.exe -pss -s 404 -p 852 -ip 852
    1⤵
      PID:3844

    Network

          MITRE ATT&CK Matrix

          Replay Monitor

          Loading Replay Monitor...

          Downloads

          • memory/852-2-0x0000000002CE0000-0x0000000002CE1000-memory.dmp

            Filesize

            4KB

            Download