Analysis

  • max time kernel
    118s
  • max time network
    126s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240508-en, locale:en-us, os:windows7-x64, system
  • submitted
    11/06/2024, 01:28

General

  • Target

    14fa2694ab81b0db6b6fb9749aa913f7.exe

  • Size

    279KB

  • MD5

    14fa2694ab81b0db6b6fb9749aa913f7

  • SHA1

    1221b8f19e0428ae2afc70f6eab7a57d908741b4

  • SHA256

    9f6c458c241087f216c08d28fbbb5dacfc80db569172369ad2c4fcabbaa43b61

  • SHA512

    1f83ac772c4fc4f3cc65e5ef59415687ac177c6d2b4b8f5b1f68c00489e2c639083ab1df0f9f400571ed0053ff7f8271084e51222136e99c9d3492ef84328220

  • SSDEEP

    3072:lxUm75Fku3eKeJk21ZSJReOqlz+mErj+HyHnNVIPL/+ybbiGF+1u46Q7q303lU8O:fU8DkpP1oJ1qlzUWUNVIT/bbbIW09R

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 2 IoCs
  • Drops file in Program Files directory 2 IoCs
  • Suspicious use of SetWindowsHookEx 8 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\14fa2694ab81b0db6b6fb9749aa913f7.exe
    "C:\Users\Admin\AppData\Local\Temp\14fa2694ab81b0db6b6fb9749aa913f7.exe"
    1⤵
    • Loads dropped DLL
    • Drops file in Program Files directory
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2944
    • C:\Program Files\reporting\message.exe
      "C:\Program Files\reporting\message.exe" "33201"
      2⤵
      • Executes dropped EXE
      • Suspicious use of SetWindowsHookEx
      PID:2852

Network

        MITRE ATT&CK Matrix

        Downloads

        • \Program Files\reporting\message.exe

          Filesize

          279KB

          MD5

          b3f8dc71c98edf83bc2fb4ac4f124350

          SHA1

          d9975798e71ca385fe1bf9e793dcd538fb79c5f6

          SHA256

          268a382abfe89f9bc6fd16bef31f5b0931d415b4ffb1efa49aafea4d377c24cb

          SHA512

          da83b756a4f9ddc2b9dd6ec8e9475c794f6e30f205a70825bda09a480f13f28e4994a07fcdbb566c5f1f168fee4e0820c4d99d6e294594f1cf976cd960b24e0a