Analysis

  • max time kernel
    142s
  • max time network
    119s
  • platform
    windows7_x64
  • resource
    win7-20240419-en
  • resource tags

    arch:x64arch:x86image:win7-20240419-enlocale:en-usos:windows7-x64system
  • submitted
    13-06-2024 01:10

General

  • Target

    DAT#OS#ELEKRVHIINOX_FISCALlauy.exe

  • Size

    125.9MB

  • MD5

    a271992265ba87e99536059255b1d5ee

  • SHA1

    f093c39d2cfc7b1f0bb78bc6e82a5154ac2eaea2

  • SHA256

    3687ce1b0865f1c821d471d3f85b8403b5cfd127f807bb1f3aa9cd2fef7db4d9

  • SHA512

    cfbec8e0ec5ca73bb0e8e68997c5ab52932a135dceb47ea2117d9c96b4d6b6b3d8608900ddac99979e8d034451f71d459658fc4bc66c0d1e360efc5e53c0fe1d

  • SSDEEP

    98304:5qgAhmsJqcnZQ4RpKtHyBGKQ1kz4kiDC8KM7q55etk0O9W1l:JArlgxKRJiDC8KM33O9W1l

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Suspicious use of SetWindowsHookEx 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\DAT#OS#ELEKRVHIINOX_FISCALlauy.exe
    "C:\Users\Admin\AppData\Local\Temp\DAT#OS#ELEKRVHIINOX_FISCALlauy.exe"
    1⤵
    • Suspicious use of SetWindowsHookEx
    PID:2424

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/2424-0-0x0000000000B30000-0x0000000001B30000-memory.dmp

    Filesize

    16.0MB