845f89c6ca62dd6c0754e7cbc0210e8525459d6028c632501ea4773849f1ee33

Analysis

max time kernel
118s
max time network
119s
platform
windows7_x64
resource
win7-20240419-en
resource tags

arch:x64arch:x86image:win7-20240419-enlocale:en-usos:windows7-x64system
submitted
26-06-2024 00:16

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

845f89c6ca62dd6c0754e7cbc0210e8525459d6028c632501ea4773849f1ee33.exe
Size

14.3MB
MD5

0cb85f3261240a3e7371f18db5d8474f
SHA1

bd3df178717c11b50f57610cea7f3f5b3ba51782
SHA256

845f89c6ca62dd6c0754e7cbc0210e8525459d6028c632501ea4773849f1ee33
SHA512

d1430dcc5e0d2041421ad1792150180fd0fc77ca4a29ad5e0c0f5f2c00bac4c6489497a3edbf72abb8e9565dccb5ace9c0b5c72915bbaecf9233b6262b7cb40f
SSDEEP

393216:7QYVZv4/V+RfvSLoa8qYS06xhOXyiP+eJH0H:7QYb4/SvSLoPk0PV+EHI

Score

7^/10

Malware Config

Signatures

Loads dropped DLL 1 IoCs

pid	Process
1600	845f89c6ca62dd6c0754e7cbc0210e8525459d6028c632501ea4773849f1ee33.exe

Suspicious use of NtSetInformationThreadHideFromDebugger 2 IoCs

pid	Process
1600	845f89c6ca62dd6c0754e7cbc0210e8525459d6028c632501ea4773849f1ee33.exe
1600	845f89c6ca62dd6c0754e7cbc0210e8525459d6028c632501ea4773849f1ee33.exe

Suspicious behavior: EnumeratesProcesses 1 IoCs

pid	Process
1600	845f89c6ca62dd6c0754e7cbc0210e8525459d6028c632501ea4773849f1ee33.exe

Suspicious use of SetWindowsHookEx 3 IoCs

pid	Process
1600	845f89c6ca62dd6c0754e7cbc0210e8525459d6028c632501ea4773849f1ee33.exe
1600	845f89c6ca62dd6c0754e7cbc0210e8525459d6028c632501ea4773849f1ee33.exe
1600	845f89c6ca62dd6c0754e7cbc0210e8525459d6028c632501ea4773849f1ee33.exe

C:\Users\Admin\AppData\Local\Temp\845f89c6ca62dd6c0754e7cbc0210e8525459d6028c632501ea4773849f1ee33.exe
"C:\Users\Admin\AppData\Local\Temp\845f89c6ca62dd6c0754e7cbc0210e8525459d6028c632501ea4773849f1ee33.exe"
1⤵
- Loads dropped DLL
- Suspicious use of NtSetInformationThreadHideFromDebugger
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of SetWindowsHookEx
PID:1600

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

\Users\Admin\AppData\Local\Temp\E2EECore.2.3.0.dll

Filesize
8.2MB

MD5
b36c5ac6ebe053d9c9e638b688723f46

SHA1
63c51f04293e26a8a49fa04c5e0b342ffae5381f

SHA256
860394ea3a52757ce1a875e5a598c3c30752a673150df37b7c0e599f224f5877

SHA512
933f428911ed0e56fa201f124ab85f5383cf9ae3465516c8eaf4d2d63788ffd3812df67f3fd75a1304b26e4bcebc6bd84fa08563dd5b9c4727f86bf96a0d5a09

Download Submit
memory/1600-16-0x0000000000280000-0x0000000000281000-memory.dmp

Filesize
4KB

Download
memory/1600-41-0x0000000000400000-0x0000000001D15000-memory.dmp

Filesize
25.1MB

Download
memory/1600-15-0x0000000000270000-0x0000000000271000-memory.dmp

Filesize
4KB

Download
memory/1600-40-0x00000000002C0000-0x00000000002C1000-memory.dmp

Filesize
4KB

Download
memory/1600-13-0x0000000000270000-0x0000000000271000-memory.dmp

Filesize
4KB

Download
memory/1600-35-0x00000000002B0000-0x00000000002B1000-memory.dmp

Filesize
4KB

Download
memory/1600-33-0x00000000002B0000-0x00000000002B1000-memory.dmp

Filesize
4KB

Download
memory/1600-30-0x00000000002A0000-0x00000000002A1000-memory.dmp

Filesize
4KB

Download
memory/1600-28-0x00000000002A0000-0x00000000002A1000-memory.dmp

Filesize
4KB

Download
memory/1600-25-0x0000000000290000-0x0000000000291000-memory.dmp

Filesize
4KB

Download
memory/1600-23-0x0000000000290000-0x0000000000291000-memory.dmp

Filesize
4KB

Download
memory/1600-11-0x0000000000270000-0x0000000000271000-memory.dmp

Filesize
4KB

Download
memory/1600-18-0x0000000000280000-0x0000000000281000-memory.dmp

Filesize
4KB

Download
memory/1600-0-0x0000000000586000-0x0000000000EBF000-memory.dmp

Filesize
9.2MB

Download
memory/1600-44-0x0000000000400000-0x0000000001D15000-memory.dmp

Filesize
25.1MB

Download
memory/1600-38-0x00000000002C0000-0x00000000002C1000-memory.dmp

Filesize
4KB

Download
memory/1600-20-0x0000000000280000-0x0000000000281000-memory.dmp

Filesize
4KB

Download
memory/1600-10-0x0000000000260000-0x0000000000261000-memory.dmp

Filesize
4KB

Download
memory/1600-8-0x0000000000260000-0x0000000000261000-memory.dmp

Filesize
4KB

Download
memory/1600-6-0x0000000000260000-0x0000000000261000-memory.dmp

Filesize
4KB

Download
memory/1600-5-0x0000000000230000-0x0000000000231000-memory.dmp

Filesize
4KB

Download
memory/1600-3-0x0000000000230000-0x0000000000231000-memory.dmp

Filesize
4KB

Download
memory/1600-1-0x0000000000230000-0x0000000000231000-memory.dmp

Filesize
4KB

Download
memory/1600-49-0x0000000000400000-0x0000000001D15000-memory.dmp

Filesize
25.1MB

Download
memory/1600-50-0x0000000000400000-0x0000000001D15000-memory.dmp

Filesize
25.1MB

Download
memory/1600-51-0x0000000000586000-0x0000000000EBF000-memory.dmp

Filesize
9.2MB

Download
memory/1600-52-0x0000000000400000-0x0000000001D15000-memory.dmp

Filesize
25.1MB

Download
memory/1600-53-0x0000000000400000-0x0000000001D15000-memory.dmp

Filesize
25.1MB

Download
memory/1600-54-0x0000000000400000-0x0000000001D15000-memory.dmp

Filesize
25.1MB

Download