08a0b63d8e181e6ed9e254fea9649d2c328868286b2ce5956008a4793a1e092f

Analysis

max time kernel
120s
max time network
124s
platform
windows7_x64
resource
win7-20240903-en
resource tags

arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
submitted
03/09/2024, 09:07

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

08a0b63d8e181e6ed9e254fea9649d2c328868286b2ce5956008a4793a1e092f.exe
Size

11.2MB
MD5

5f98319d286c6f45b6cb998d4bd46806
SHA1

2e077900b009a105e57f921fb4b5f9dc81caedb9
SHA256

08a0b63d8e181e6ed9e254fea9649d2c328868286b2ce5956008a4793a1e092f
SHA512

511da3cbabfebfd9159d55a9741a434238277e62331d34d8a18caf40048dfa1e1be7b4a71e570419087f46be4f40f4351e0ab0c6787ae6e418847964df63749c
SSDEEP

196608:B9Vx2uCgggfj+gF9Z5jdKAH7ICc4sI5n+/8IfjQH7Uzh/ayarkg6n/u:2/RGJVdKsYoTeh/+4g6/u

Score

1^/10

Malware Config

Signatures

Suspicious behavior: EnumeratesProcesses 1 IoCs

pid	Process
2556	08a0b63d8e181e6ed9e254fea9649d2c328868286b2ce5956008a4793a1e092f.exe

Suspicious use of FindShellTrayWindow 1 IoCs

pid	Process
2556	08a0b63d8e181e6ed9e254fea9649d2c328868286b2ce5956008a4793a1e092f.exe

Suspicious use of SendNotifyMessage 1 IoCs

pid	Process
2556	08a0b63d8e181e6ed9e254fea9649d2c328868286b2ce5956008a4793a1e092f.exe

Suspicious use of SetWindowsHookEx 2 IoCs

pid	Process
2556	08a0b63d8e181e6ed9e254fea9649d2c328868286b2ce5956008a4793a1e092f.exe
2556	08a0b63d8e181e6ed9e254fea9649d2c328868286b2ce5956008a4793a1e092f.exe

C:\Users\Admin\AppData\Local\Temp\08a0b63d8e181e6ed9e254fea9649d2c328868286b2ce5956008a4793a1e092f.exe
"C:\Users\Admin\AppData\Local\Temp\08a0b63d8e181e6ed9e254fea9649d2c328868286b2ce5956008a4793a1e092f.exe"
1⤵
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of SetWindowsHookEx
PID:2556

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/2556-9-0x00000000774E0000-0x00000000774E2000-memory.dmp

Filesize
8KB

Download
memory/2556-37-0x000000013FA70000-0x0000000141458000-memory.dmp

Filesize
25.9MB

Download
memory/2556-35-0x000007FEFD780000-0x000007FEFD782000-memory.dmp

Filesize
8KB

Download
memory/2556-33-0x000007FEFD780000-0x000007FEFD782000-memory.dmp

Filesize
8KB

Download
memory/2556-40-0x000000013FA70000-0x0000000141458000-memory.dmp

Filesize
25.9MB

Download
memory/2556-30-0x000007FEFD770000-0x000007FEFD772000-memory.dmp

Filesize
8KB

Download
memory/2556-28-0x000007FEFD770000-0x000007FEFD772000-memory.dmp

Filesize
8KB

Download
memory/2556-25-0x0000000077510000-0x0000000077512000-memory.dmp

Filesize
8KB

Download
memory/2556-23-0x0000000077510000-0x0000000077512000-memory.dmp

Filesize
8KB

Download
memory/2556-21-0x0000000077510000-0x0000000077512000-memory.dmp

Filesize
8KB

Download
memory/2556-20-0x0000000077500000-0x0000000077502000-memory.dmp

Filesize
8KB

Download
memory/2556-18-0x0000000077500000-0x0000000077502000-memory.dmp

Filesize
8KB

Download
memory/2556-16-0x0000000077500000-0x0000000077502000-memory.dmp

Filesize
8KB

Download
memory/2556-15-0x0000000140085000-0x0000000140925000-memory.dmp

Filesize
8.6MB

Download
memory/2556-14-0x00000000774F0000-0x00000000774F2000-memory.dmp

Filesize
8KB

Download
memory/2556-12-0x00000000774F0000-0x00000000774F2000-memory.dmp

Filesize
8KB

Download
memory/2556-10-0x00000000774F0000-0x00000000774F2000-memory.dmp

Filesize
8KB

Download
memory/2556-7-0x00000000774E0000-0x00000000774E2000-memory.dmp

Filesize
8KB

Download
memory/2556-5-0x00000000774E0000-0x00000000774E2000-memory.dmp

Filesize
8KB

Download
memory/2556-4-0x00000000774D0000-0x00000000774D2000-memory.dmp

Filesize
8KB

Download
memory/2556-2-0x00000000774D0000-0x00000000774D2000-memory.dmp

Filesize
8KB

Download
memory/2556-0-0x00000000774D0000-0x00000000774D2000-memory.dmp

Filesize
8KB

Download
memory/2556-41-0x0000000140085000-0x0000000140925000-memory.dmp

Filesize
8.6MB

Download
memory/2556-42-0x000000013FA70000-0x0000000141458000-memory.dmp

Filesize
25.9MB

Download