Analysis

  • max time kernel
    95s
  • max time network
    123s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240709-en
  • resource tags

    arch:x64 arch:x86 image:win10v2004-20240709-en locale:en-us os:windows10-2004-x64 system
  • submitted
    13/07/2024, 15:44

General

  • Target

    Ceiling HS Script.exe

  • Size

    1.3MB

  • MD5

    6d61b808a6512abff734eaffcfd6b644

  • SHA1

    db724a71480fd7e2b772942fd7907d0df4af5267

  • SHA256

    4ef9b446a79b792a16a83d2e56e00f387fb686478bda9036252448c1bbb5ae81

  • SHA512

    f206c9fb76d0b653a30a32a5062bb026a6161411626262934bcd4c7ef32ded9d5d93cd50c41efe0acbba219f9a0c7b539feead646d38a21d958f730b6eaa890a

  • SSDEEP

    24576:UzHTU21jZ3gSSrBHLR2ZkSMYEBBUCmi9tD8Ho84hZCFBfDg3:c4211gSSrBHEZkiETnmi9GoN3CFBfDe

Score
1/10

Malware Config

Signatures

  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SendNotifyMessage 1 IoCs
  • Suspicious use of SetWindowsHookEx 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\Ceiling HS Script.exe
    "C:\Users\Admin\AppData\Local\Temp\Ceiling HS Script.exe"
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of SetWindowsHookEx
    PID:3616

Network

MITRE ATT&CK Matrix
