Overview

overview

7

Static

static

7

5323af959d...0N.exe

windows7-x64

3

5323af959d...0N.exe

windows10-2004-x64

3

$PLUGINSDI...er.dll

windows7-x64

3

$PLUGINSDI...er.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...ec.dll

windows7-x64

3

$PLUGINSDI...ec.dll

windows10-2004-x64

3

e$EXEFILE.exe

windows7-x64

3

e$EXEFILE.exe

windows10-2004-x64

1

wget.exe

windows7-x64

7

wget.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    92s
  • max time network
    18s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    15-09-2024 07:35

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    e$EXEFILE.exe

  • Size

    342KB

  • MD5

    f75a1f2be308fba5afea667a21c9e9b4

  • SHA1

    fb844941a60b2aa1d57c4d8d8f33b768c56814d8

  • SHA256

    903023707797633fb0776e6a5cd65c84ff07e6e9d3d58066f9f71e8b96079205

  • SHA512

    b8405d2d379bdef7bc8136273cdc7ac36c2e2527163377f149dc8044d5e1ed9f8b9f2bc79c402c8971f426db8886d698608e31f97baa309b50b5861e332a4654

  • SSDEEP

    6144:LZeZwfc0rwS1IwYNAbW0tuGEm49ehJj/HqgfmMWcW0CJ+2+NtKGM:1emflNSwOS3hJj/HqM/W0CgbP

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Suspicious use of SetWindowsHookEx 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\e$EXEFILE.exe
    "C:\Users\Admin\AppData\Local\Temp\e$EXEFILE.exe"
    1⤵
    • Suspicious use of SetWindowsHookEx
    PID:2964

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/2964-0-0x000007FEF524E000-0x000007FEF524F000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2964-1-0x000007FEF4F90000-0x000007FEF592D000-memory.dmp

    Filesize

    9.6MB

    Download

  • memory/2964-2-0x000007FEF4F90000-0x000007FEF592D000-memory.dmp

    Filesize

    9.6MB

    Download

  • memory/2964-3-0x000007FEF4F90000-0x000007FEF592D000-memory.dmp

    Filesize

    9.6MB

    Download

  • memory/2964-4-0x000007FEF4F90000-0x000007FEF592D000-memory.dmp

    Filesize

    9.6MB

    Download

  • memory/2964-5-0x000007FEF4F90000-0x000007FEF592D000-memory.dmp

    Filesize

    9.6MB

    Download

  • memory/2964-6-0x000007FEF4F90000-0x000007FEF592D000-memory.dmp

    Filesize

    9.6MB

    Download

  • memory/2964-7-0x000007FEF4F90000-0x000007FEF592D000-memory.dmp

    Filesize

    9.6MB

    Download

  • memory/2964-9-0x000007FEF4F90000-0x000007FEF592D000-memory.dmp

    Filesize

    9.6MB

    Download