Analysis

  • max time kernel
    361s
  • max time network
    362s
  • platform
    windows7_x64
  • resource
    win7-20240611-en
  • resource tags

    arch:x64 arch:x86 image:win7-20240611-en locale:en-us os:windows7-x64 system
  • submitted
    30/06/2024, 12:54

General

  • Target

    Blood Service Spoofer.exe

  • Size

    193KB

  • MD5

    73bf83f4716a90e5a0d9b91f1b5aef7b

  • SHA1

    f22ccc8abe138a2d68d876145fd0caaf562ac93f

  • SHA256

    78a5b8cc483c80cc6256c50ef76e3f8268ed08259731850bd7df1960563ae2f5

  • SHA512

    8e4c80e0b4af97941464cd420c77e0bdb46322f80c3182df98ef932bd6fc513c5e14eb6c20b89233b0f2033d2bbfe75c09025359c4e8f17a5fec54313b3acc63

  • SSDEEP

    6144:Mtzsb5Uh28+V1WW69B9VjMdxPedN9ug0z9TB9SjA+xK7h:MtzE5elwLz9Tr4A+wt

Score
4/10

Malware Config

Signatures

  • Drops file in Windows directory (2 IoCs)
  • Suspicious use of SetWindowsHookEx (4 IoCs)

Processes

  • C:\Users\Admin\AppData\Local\Temp\Blood Service Spoofer.exe
    "C:\Users\Admin\AppData\Local\Temp\Blood Service Spoofer.exe"
      PID:3052
    • C:\Windows\system32\eudcedit.exe
      "C:\Windows\system32\eudcedit.exe"
      • Drops file in Windows directory
      • Suspicious use of SetWindowsHookEx
      PID:2816
    • C:\Windows\system32\eudcedit.exe
      "C:\Windows\system32\eudcedit.exe"
      • Drops file in Windows directory
      • Suspicious use of SetWindowsHookEx
      PID:2724
