Analysis

  • max time kernel
    128s
  • max time network
    119s
  • platform
    windows11-21h2_x64
  • resource
    win11-20240730-en
  • resource tags

    arch:x64, arch:x86, image:win11-20240730-en, locale:en-us, os:windows11-21h2-x64, system
  • submitted
    02-08-2024 16:09

General

  • Target
    clumsy.exe
  • Size
    1.3MB
  • MD5
    7405e387d9cf2eb42a8f8782f90cb0fb
  • SHA1
    7ef2450768ff27f927ab491a748c8b8b0aaf50e6
  • SHA256
    94930bc3f5a3a93642950514422c04905894494acf17796419cdb4523be69689
  • SHA512
    84d8d82458db87f84da43f8c1c4e2edf33af80cf82104a59847eb2389f06aa11c8c603c718776e9a0d1986faa1d4575bec5d0536e836add970356cf57f555a05
  • SSDEEP
    24576:jjpx0JIfJx/zW2Um0aaIMS7E3aAOErfN/mqJfYQ8XQybjpEy:jlxgIf3Km5j7MOEbtmIfYQ8Xfbjp

Score
1/10

Malware Config

Signatures

  • Modifies registry class 1 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\clumsy.exe
    "C:\Users\Admin\AppData\Local\Temp\clumsy.exe"
      PID:2644
    • C:\Windows\System32\rundll32.exe
      C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
        PID:3184
      • C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\MiniSearchHost.exe
        "C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\MiniSearchHost.exe" -ServerName:MiniSearchUI.AppXj3y73at8fy1htwztzxs68sxx1v7cksp7.mca
        • Modifies registry class
        • Suspicious use of SetWindowsHookEx
        PID:4264
      • C:\Windows\system32\svchost.exe
        C:\Windows\system32\svchost.exe -k LocalService -p -s NPSMSvc
          PID:1428

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Local\Packages\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\TempState\SearchHoverUnifiedTileModelCache.dat
    Filesize
    10KB
    MD5
    0eb296183b04a5125df6f01890efef85
    SHA1
    fcc3d826934aeaf28651fcd86063133c23f2cd1f
    SHA256
    88f694fec81599ed7d4851f4eb4969fb246b018c575f0d89ffc88a5d20b7c093
    SHA512
    95a11d5f17095293452825f66c3b319531cfdbc4e271a520f62c92a6f16d1c5d2412e766ef01102ce00d60d6e89516c0663f74fd1b01a928711d3b1f894b3317