Overview

overview

7

Static

static

1

keymanager_setup.exe

windows7-x64

7

keymanager_setup.exe

windows10-2004-x64

4

Analysis

  • max time kernel
    141s
  • max time network
    126s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240709-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240709-enlocale:en-usos:windows10-2004-x64system
  • submitted
    18-07-2024 15:07

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    keymanager_setup.exe

  • Size

    2.1MB

  • MD5

    568bc261204f476b2b231cc86a5f56bc

  • SHA1

    ccfa43f9b3bde80bdfbdfc6c8bf3459f6ad3ad47

  • SHA256

    1a817d66dd70b9e04ab7aebd99bc97d167f77d68f9551f617bdece2d7b2716be

  • SHA512

    33836a062ac001463e6f53c7a99619bc4b436b93e5b5fd8c3122ae1b8d26a0c8d7b2314d36b3f4fe6608f576f4ea9aa833bf9ac5c5be9f4ad38a62ea3e3f2a6c

  • SSDEEP

    49152:E+xyvwIuPwcbvOVMrLHHkFevC4qGqr4UuWEpOO9GCkvf+ocky:04mcjrLY4Pqr4UTMG9X+oNy

Score
4/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\keymanager_setup.exe
    "C:\Users\Admin\AppData\Local\Temp\keymanager_setup.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1428
    • C:\Users\Admin\AppData\Local\Temp\is-F4B5H.tmp\keymanager_setup.tmp
      "C:\Users\Admin\AppData\Local\Temp\is-F4B5H.tmp\keymanager_setup.tmp" /SL5="$701C0,1675432,121344,C:\Users\Admin\AppData\Local\Temp\keymanager_setup.exe"
      2⤵
      • Executes dropped EXE
      PID:2600

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\is-F4B5H.tmp\keymanager_setup.tmp
    Filesize

    1.2MB

    MD5

    23753ae5d0a9db6215a037575e84d557

    SHA1

    295fb6921dc903db58fd91cd89de0d496708f88c

    SHA256

    093f33b70d42e3d6d613669e75e1d2239b6f0ab11328ae3315508e99b305aafd

    SHA512

    e27ca3c7d6e02f16f16d428b0f0fa49e1dbdd1d702bbc32b43efb06480635c22ff29e7f68bf3046a8d766a86afbd719fdea4f75a3eca5edfba406453ee1e025c

    Download Submit

  • memory/1428-1-0x0000000000400000-0x0000000000428000-memory.dmp

    Filesize

    160KB

    Download

  • memory/1428-2-0x0000000000401000-0x0000000000412000-memory.dmp

    Filesize

    68KB

    Download

  • memory/1428-8-0x0000000000400000-0x0000000000428000-memory.dmp

    Filesize

    160KB

    Download

  • memory/2600-6-0x0000000000400000-0x000000000052E000-memory.dmp

    Filesize

    1.2MB

    Download

  • memory/2600-9-0x0000000000400000-0x000000000052E000-memory.dmp

    Filesize

    1.2MB

    Download