Overview

overview

7

Static

static

7

60599233d6...18.exe

windows7-x64

7

60599233d6...18.exe

windows10-2004-x64

7

$PLUGINSDI...64.dll

windows7-x64

3

$PLUGINSDI...64.dll

windows10-2004-x64

3

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...sh.dll

windows7-x64

3

$PLUGINSDI...sh.dll

windows10-2004-x64

3

$PLUGINSDIR/inetc.dll

windows7-x64

3

$PLUGINSDIR/inetc.dll

windows10-2004-x64

3

$PLUGINSDI...gs.dll

windows7-x64

3

$PLUGINSDI...gs.dll

windows10-2004-x64

3

$PLUGINSDI...om.dll

windows7-x64

7

$PLUGINSDI...om.dll

windows10-2004-x64

7

bosskey3.exe

windows7-x64

7

bosskey3.exe

windows10-2004-x64

7

uninst.exe

windows7-x64

7

uninst.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    138s
  • max time network
    125s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240709-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240709-enlocale:en-usos:windows10-2004-x64system
  • submitted
    20/07/2024, 23:07

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    bosskey3.exe

  • Size

    923KB

  • MD5

    f4a74b7c68455e2009fbaa46dc148536

  • SHA1

    d7fdcb8df3bcd75e9c20d5cbbfbba015bf53895e

  • SHA256

    85cdf77a7bdbf40702532e8d1adb8c0735247610a29a18c44646a8249ac43d90

  • SHA512

    f7fb73836a9d48df07bae4994d339f49f352a1f23cc1690e3c923bd23ff5a1f7b15c39efe3b21bc2ebb5512f2febe73fac30ee4f6452f722487864d1c684a6bc

  • SSDEEP

    24576:2EIR4jeINSC8h4vY0nlPMqNw3si/GpXbWR2DM2:29aJhY0lMwwX/GVbWR4M2

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 5 IoCs
  • Suspicious use of SetWindowsHookEx 7 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\bosskey3.exe
    "C:\Users\Admin\AppData\Local\Temp\bosskey3.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of SetWindowsHookEx
    PID:4968

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\E_4\eMMedia.fne
    Filesize

    264KB

    MD5

    2913c28658349abf989e304d8335cebd

    SHA1

    3d69086a6903294e58506e6a0c399693bb35e597

    SHA256

    accf947669c9f626a6fe12bbd6529b3e2b095219621bf3b3889473f42a9054c0

    SHA512

    d9aca925441c901faed141154a03972efe7d4022964eb77a3f4c4e5b0d2c352d224b0d7bcf3e9d9f931fc46ddef21f077eccedc4ccce985a229f279cd1d9cfac

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\E_4\krnln.fnr
    Filesize

    1.0MB

    MD5

    1081d7eb7a17faedfa588b93fc85365e

    SHA1

    884e264fa37bfb9e71d24f3f5c7554fdf94a8b9f

    SHA256

    0351d055cf1e194302ab125cc93208a8c733efb45dc301ca6e7e2a4051f411e0

    SHA512

    1ff9e7c495b9e005c8d3b56219794c31d804fe1944429e3d4fe013fd8fcb3f51c02b588748c7d9d869fdb115851932e8db4e6792aecd9c83f28237702582ba81

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\E_4\shellEx.fne
    Filesize

    13KB

    MD5

    a72cd2b05566abc76fa83369201832c7

    SHA1

    a65ef80d3a30a33fe33c673825e6c6eafdc54690

    SHA256

    f5cc8a0043b29ea65c200b8a312b0478f6bb7914a733a21d64849d8c02976ec0

    SHA512

    d72691fd2bc421bb0b9375995758ea9f3064002334373bcac04ac406ab56fcbc9b5ef985bf34704dcb20eea5c14518d1fdb5e5d9ac897381cd1e7def276855c1

    Download Submit

  • memory/4968-0-0x0000000000400000-0x000000000042A000-memory.dmp

    Filesize

    168KB

    Download

  • memory/4968-11-0x0000000002360000-0x00000000023A6000-memory.dmp

    Filesize

    280KB

    Download

  • memory/4968-20-0x0000000000400000-0x000000000042A000-memory.dmp

    Filesize

    168KB

    Download