Analysis

  • max time kernel
    121s
  • max time network
    125s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240508-en, locale:en-us, os:windows7-x64, system
  • submitted
    29-05-2024 01:01

General

  • Target

    a031e38dd4b3592bc6905486f06fd0f723932081001edae927977ce87c2ae58f.exe

  • Size

    1.1MB

  • MD5

    15b18cafa7132d39d8f9c1d0eea54ef2

  • SHA1

    0d3c6239aafdaf93cec6f7ad230440fba58be7eb

  • SHA256

    a031e38dd4b3592bc6905486f06fd0f723932081001edae927977ce87c2ae58f

  • SHA512

    a179c1691a5df2a408a64319ff32176cc07624f8bd543f7ee2cae0a50bd9d75a7bbbd57e42d786630c00cf029e9617571b2ac4fb17f680c65feac8716ec49397

  • SSDEEP

    24576:eAHnh+eWsN3skA4RV1Hom2KXMmHalPwIKlVETwpTpyRehK5:Jh+ZkldoPK8YalYIKlPTpy8u

Score
5/10

Malware Config

Signatures

  • AutoIT Executable 2 IoCs

    AutoIT scripts compiled to PE executables. Compiled AutoIt is used both by legitimate administrative tooling and by malware loaders, so this signature identifies the packaging, not intent. The 264KB extensionless file dropped to %TEMP% (see Downloads) is the first artefact to unpack and inspect.

  • Suspicious use of FindShellTrayWindow 2 IoCs
  • Suspicious use of SendNotifyMessage 2 IoCs

    Both calls are commonly triggered by the AutoIt runtime's own shell-tray handling rather than by the embedded script, so on their own they are weak indicators.
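The "AutoIT Executable" signature above can be reproduced offline. The following is an added example, not part of the sandbox report or its vendor's detection logic: it scans a binary for the two well-known Aut2Exe markers (the ASCII tag `AU3!EA06` and the 16-byte header of the embedded EA06 script blob) and computes the same hash set the report lists so a local copy can be matched against it. The `SAMPLE_AUTOIT` and `SAMPLE_BENIGN` byte strings are constructed stand-ins, not the analysed file; `REPORT_SHA256` is copied from the report header.

```python
import hashlib
import re

# Markers found in executables produced by Aut2Exe (AutoIt v3). The ASCII tag
# sits in the compiled stub; the 16-byte sequence heads the embedded script
# in the "EA06" format. Both are the strings YARA rules for AutoIt key on.
AU3_ASCII_MARKER = b"AU3!EA06"
AU3_SCRIPT_HEADER = bytes.fromhex("A3484BBE986C4AA9994C530A86D6487D")

# SHA256 of the submitted sample, taken from the report's General section.
REPORT_SHA256 = "a031e38dd4b3592bc6905486f06fd0f723932081001edae927977ce87c2ae58f"


def detect_autoit(data: bytes) -> dict:
    """Return offsets of every AutoIt marker in `data` plus a verdict flag."""
    hits = {
        "ascii_marker": [m.start() for m in re.finditer(re.escape(AU3_ASCII_MARKER), data)],
        "script_header": [m.start() for m in re.finditer(re.escape(AU3_SCRIPT_HEADER), data)],
    }
    hits["is_autoit"] = bool(hits["ascii_marker"] or hits["script_header"])
    return hits


def file_hashes(data: bytes) -> dict:
    """MD5/SHA1/SHA256/SHA512 of `data`, matching the hash set the report lists."""
    return {name: hashlib.new(name, data).hexdigest()
            for name in ("md5", "sha1", "sha256", "sha512")}


def matches_report(data: bytes, expected_sha256: str = REPORT_SHA256) -> bool:
    """True if `data` is byte-identical to the sample the report describes."""
    return file_hashes(data)["sha256"] == expected_sha256.lower()


def scan_file(path: str) -> dict:
    """Scan a file on disk; combines marker detection with hashes for triage notes."""
    with open(path, "rb") as fh:
        data = fh.read()
    result = detect_autoit(data)
    result["hashes"] = file_hashes(data)
    result["matches_report_sha256"] = matches_report(data)
    return result


# Constructed test blobs (not real PE files): a DOS/PE stub padded with NOPs,
# with the AutoIt markers appended in the first case and absent in the second.
_STUB = b"MZ" + b"\x00" * 62 + b"PE\x00\x00"
SAMPLE_AUTOIT = _STUB + b"\x90" * 100 + AU3_ASCII_MARKER + b"\x00" * 16 + AU3_SCRIPT_HEADER + b"\x00" * 64
SAMPLE_BENIGN = _STUB + b"\x90" * 200


if __name__ == "__main__":
    for label, blob in (("autoit", SAMPLE_AUTOIT), ("benign", SAMPLE_BENIGN)):
        verdict = detect_autoit(blob)
        print(label, "AutoIt" if verdict["is_autoit"] else "no AutoIt markers",
              "ascii@", verdict["ascii_marker"], "hdr@", verdict["script_header"])
    print("sha256(benign) ==", file_hashes(SAMPLE_BENIGN)["sha256"])
```

Run `scan_file()` against both the submitted executable and the dropped `holloing` file: a hit on the second would indicate the dropper unpacked another AutoIt-compiled binary rather than a raw script or payload. A marker hit only establishes the packaging; the embedded script still has to be extracted and read before anything can be said about the sample's behaviour.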

Processes

  • C:\Users\Admin\AppData\Local\Temp\a031e38dd4b3592bc6905486f06fd0f723932081001edae927977ce87c2ae58f.exe
    "C:\Users\Admin\AppData\Local\Temp\a031e38dd4b3592bc6905486f06fd0f723932081001edae927977ce87c2ae58f.exe"
    1⤵
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    PID:1700

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Local\Temp\holloing

    Filesize

    264KB

    MD5

    ae52e8f2399a901c240a0f532d0f1313

    SHA1

    c2c846e41ab83e69f16ab479bc64f1bad9ade497

    SHA256

    e3f2d549c2f253e41d1b4919d23e50408a7a63a2e46ce861d6664b3232ee4b37

    SHA512

    3e2184fa27ad1234ec1f42d99397d46b71a8d45a37a7f7b804db08e1313661cae55202ef08bb4318e8f4284e93bb24e609b6875e1456e1edc5fc127ad037834e

  • memory/1700-11-0x0000000000160000-0x0000000000280000-memory.dmp

    Filesize

    1.1MB

  • memory/1700-12-0x0000000000160000-0x0000000000280000-memory.dmp

    Filesize

    1.1MB