Overview

overview

10

Static

static

10

HadesKey SE.exe

windows7-x64

1

HadesKey SE.exe

windows10-2004-x64

6

HadèsKey ...pt.exe

windows7-x64

1

HadèsKey ...pt.exe

windows10-2004-x64

1

ReActiveMe.exe

windows7-x64

10

ReActiveMe.exe

windows10-2004-x64

10

Stub.exe

windows7-x64

1

Stub.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    118s
  • max time network
    119s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags

    arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
  • submitted
    01-08-2024 22:58

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    ReActiveMe.exe

  • Size

    149KB

  • MD5

    9e4e14cf1ab81480a83d489901f4d0ec

  • SHA1

    f6f628a311d07060743187a29f9f21ff615f0f32

  • SHA256

    70a4e7c6e862b6b7c95b711fbfaae271af7c36f1bcf2c3994c658359da84d8bd

  • SHA512

    495841a0b43efa44973c0b73c6c61b87ddc8a012bb7ef3ef51fd5fef57bf9ca2df69a99cdbac6fb7374bd96ccf36381d53f60ccfe84f907df72213427eda16cb

  • SSDEEP

    3072:KBrklLwN9Fr0VFd/dGYD+uL/yHdgrKgsiTCYPbdJdfyRoToo8IcPfNzSKnc:tLwN9F60dgrKgfCYhTt8XN

Score
10/10
evasiontrojan

Malware Config

Signatures

  • UAC bypass 3 TTPs 1 IoCs
    evasiontrojan
  • Disables RegEdit via registry modification 1 IoCs
    evasion
  • Disables Task Manager via registry modification
    evasion
  • Checks whether UAC is enabled 1 TTPs 1 IoCs
    evasiontrojan
  • System policy modification 1 TTPs 2 IoCs
    evasion

Processes

  • C:\Users\Admin\AppData\Local\Temp\ReActiveMe.exe
    "C:\Users\Admin\AppData\Local\Temp\ReActiveMe.exe"
    1⤵
    • UAC bypass
    • Disables RegEdit via registry modification
    • Checks whether UAC is enabled
    • System policy modification
    PID:2636

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/2636-0-0x000007FEF5ECE000-0x000007FEF5ECF000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2636-1-0x000007FEF5C10000-0x000007FEF65AD000-memory.dmp

    Filesize

    9.6MB

    Download

  • memory/2636-2-0x000007FEF5C10000-0x000007FEF65AD000-memory.dmp

    Filesize

    9.6MB

    Download

  • memory/2636-3-0x000007FEF5C10000-0x000007FEF65AD000-memory.dmp

    Filesize

    9.6MB

    Download

  • memory/2636-4-0x000007FEF5C10000-0x000007FEF65AD000-memory.dmp

    Filesize

    9.6MB

    Download