Analysis

  • max time kernel
    141s
  • max time network
    144s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags

    arch:x64, arch:x86, image:win7-20231129-en, locale:en-us, os:windows7-x64, system
  • submitted
    27/05/2024, 18:21

General

  • Target

    04e0beb62266c512e0afbb069c3b108b4dbb05cbf74e98ce501e2923fcba6b25.exe

  • Size

    2.3MB

  • MD5

    06fc039b3af13b69a9ab48b8c31262bf

  • SHA1

    27c969a5c13ab83b89ffb5d84be8b06cea1cb10f

  • SHA256

    04e0beb62266c512e0afbb069c3b108b4dbb05cbf74e98ce501e2923fcba6b25

  • SHA512

    b2a3de581d8af1171ae0e4d84b9de17e88259e2f6db6c967369c2086bcddf0d54b2bbcf11f91fb5766538ebd75cc06ee91d229422ad7e6d93bccfa48b64624a1

  • SSDEEP

    49152:t4RVI2jkes95hIHrUi6N770TLraVGMGeUiu5EDEHu56hcaInOg:qvIOq5hIo1N7FTGliqm2

Score
6/10

Malware Config

Signatures

  • Adds Run key to start application 2 TTPs 1 IoCs
  • Suspicious use of FindShellTrayWindow 7 IoCs
  • Suspicious use of SendNotifyMessage 7 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\04e0beb62266c512e0afbb069c3b108b4dbb05cbf74e98ce501e2923fcba6b25.exe
    "C:\Users\Admin\AppData\Local\Temp\04e0beb62266c512e0afbb069c3b108b4dbb05cbf74e98ce501e2923fcba6b25.exe"
    1⤵
    • Adds Run key to start application
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    PID:2884

Network

MITRE ATT&CK Enterprise v15

Downloads

  • memory/2884-0-0x0000000140000000-0x00000001404A8000-memory.dmp

    Filesize
    4.7MB