Overview

overview

7

Static

static

3

09cd846922...0N.exe

windows7-x64

7

09cd846922...0N.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    119s
  • max time network
    103s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240709-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240709-enlocale:en-usos:windows10-2004-x64system
  • submitted
    21-07-2024 20:39

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    09cd8469223e3ee7b05dae3b58471de0N.exe

  • Size

    29KB

  • MD5

    09cd8469223e3ee7b05dae3b58471de0

  • SHA1

    8b35610c801517d9ec59d1533e8c68b0339cdabe

  • SHA256

    390985b4a3d2faf3ff391f3a75081ac2a4655f280201ee1299848cb8d9896031

  • SHA512

    78fe6f2e9e216c365a4d34229b7ebca63c25f56657d430c634d5ea2fadfdde82cf50bf224a16f7c6a184693c9c68b3aec47a64c45aa6c9c4d52a42c27d60e36b

  • SSDEEP

    384:v/4LNJY74JwOllSBQmrb0i5PrmqHIKpa54b5f0iws0wGXLR:v/qSamrxDmqoKM4Z0iwtwALR

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Suspicious use of SetWindowsHookEx 2 IoCs
  • Suspicious use of WriteProcessMemory 6 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\09cd8469223e3ee7b05dae3b58471de0N.exe
    "C:\Users\Admin\AppData\Local\Temp\09cd8469223e3ee7b05dae3b58471de0N.exe"
    1⤵
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:3524
    • C:\Users\Admin\AppData\Local\Temp\2024072120.exe
      C:\Users\Admin\AppData\Local\Temp\2024072120.exe down
      2⤵
      • Executes dropped EXE
      • Suspicious use of SetWindowsHookEx
      PID:2756
    • C:\Windows\SysWOW64\cmd.exe
      C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\del.bat
      2⤵
        PID:4028

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • C:\Users\Admin\AppData\Local\Temp\2024072120.exe
      Filesize

      29KB

      MD5

      4478044ac0a5bca5b39a9cd543e56df9

      SHA1

      6873c6f5f85ec08f0508503ae89c490c7f32db9d

      SHA256

      f3890d3925e12016394240f112e4d14b3007cdf4c6644e4dbb0bab95844f3732

      SHA512

      b92a09d12df5a1a9da5f3ead42fe14fe618814846984ebc4b3fefdb3dc71d596b7dd503acfdf7f2835c86d6893d08c7a39eaf52d2b226246f589963e44294979

      Download Submit

    • C:\Users\Admin\AppData\Local\Temp\del.bat
      Filesize

      174B

      MD5

      7048fa05e1a65ccd30a4e5eab366e77c

      SHA1

      4039cff4316250ce943fae27198e030b8652ebad

      SHA256

      3fbf6eb28d35dcdb89bc7805b2561729343179adada37a5973dc0de9b5cd3003

      SHA512

      661a4af42c86fddd9ebd334e148ca12b4ed938fa64d156ec50c08728531e7e691dccd39196e1f07086b71ea606e1658a92f0c05dd209cc3d2c7fe6b9b003a350

      Download Submit

    • memory/2756-14-0x0000000000400000-0x0000000000408000-memory.dmp

      Filesize

      32KB

      Download