Overview

overview

7

Static

static

3

c1cc33ae10...1N.exe

windows7-x64

7

c1cc33ae10...1N.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    93s
  • max time network
    95s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240802-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
  • submitted
    05/10/2024, 00:33

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    c1cc33ae10c4f521df9944670172b1343743c7a4dfe6e78647cd397fee44d4d1N.exe

  • Size

    1.2MB

  • MD5

    f7516308fb7b54e98ef2fa6c9d002270

  • SHA1

    84ab7955b7c4fe296c4b3e0e04c47f0a98299a92

  • SHA256

    c1cc33ae10c4f521df9944670172b1343743c7a4dfe6e78647cd397fee44d4d1

  • SHA512

    1d28ecd97ac05f4ef88842bd107ad5a0b34326c54d24fea044e5111275716dd80ca83461f3e4fa1e8c3501aa55eee5c4ae33d4ccdb7767a307e98c119af8c897

  • SSDEEP

    24576:3hMxpvT/ttHex9HN+3Y9TfHOL5dWgEP3SfZINa7YYbFRMqMM2P/dtiU:3hMxl/tt+x9Hw3Y9TvC5dWgEPCZINaju

Score
7/10
discovery

Malware Config

Signatures

  • Loads dropped DLL 7 IoCs
  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Suspicious use of SetWindowsHookEx 49 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\c1cc33ae10c4f521df9944670172b1343743c7a4dfe6e78647cd397fee44d4d1N.exe
    "C:\Users\Admin\AppData\Local\Temp\c1cc33ae10c4f521df9944670172b1343743c7a4dfe6e78647cd397fee44d4d1N.exe"
    1⤵
    • Loads dropped DLL
    • System Location Discovery: System Language Discovery
    • Suspicious use of SetWindowsHookEx
    PID:3956

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\1\iext.fnr
    Filesize

    200KB

    MD5

    65b0e75944035c5c8812eabb0c269d6f

    SHA1

    2baf2dd9d8c1b1c8872b131ff59002e2a4b78e2f

    SHA256

    a4308bdc3b42ed3c93ab9aa7ed408cdb760dfc4bfacd93b2431e127478630511

    SHA512

    0dcce11d619a8b6955565502623ce677fcd2623f889c925c292ea68d6511df8a9a208a47f4e3066811ed74da0700a0445435c3b49df67b555c9bb7aadc46674f

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\1\iext2.fne
    Filesize

    460KB

    MD5

    6eb20bb6cafd6d31e871ed3abd65a59c

    SHA1

    ae6495ea4241bcde20e415f2940313785a4a10d2

    SHA256

    2b3fe250f07229eaa58d1bc0c4ac103ba69ad622c27410151ce1d6d46a174bae

    SHA512

    562edc1f058bc280333a6659fceb5a51b3a40bea7aca87db09b0cc1ca1966f26f2a7e4760b944e2502e20257544f85cf9c32f583f1dec06271a35dcfb8fa90f4

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\1\iext3.fne
    Filesize

    368KB

    MD5

    ed760350798b43e32a7a580680cdbcd1

    SHA1

    a1f7913a326a980416e8ac1404a68b7dfd3869eb

    SHA256

    26e0581fc0fe2f51fb1730917538cee9af587a3e156b0e8dcd050b15dccba863

    SHA512

    a24c11453678a1dd4e6521b3ebbac8b01a00458c329239bd3519e84a97cad4963070d715eeba610392eb793486fdc7bea5d073c084eac4aae6da00073aca7841

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\1\krnln.fnr
    Filesize

    1.1MB

    MD5

    cf46bb62a1ba559ceb0fad7a5d642f28

    SHA1

    80b63dd193e84bfacbe535587dd38471b8ea2c24

    SHA256

    fe4bba1a99b332c8bbd196d3a2f3c78d9edc8f212842ff2efef17eba38427f67

    SHA512

    1f71f31fdc1ef7695d7a6e79218a9192804178bb2af80486de4f8ff3d7e176860813a61fa265bf78fe4ff722a85b72798938d715d8a2a034ac759505197a1058

    Download Submit

  • memory/3956-0-0x0000000000400000-0x000000000041C000-memory.dmp

    Filesize

    112KB

    Download

  • memory/3956-12-0x00000000024C0000-0x0000000002543000-memory.dmp

    Filesize

    524KB

    Download

  • memory/3956-19-0x00000000021C0000-0x0000000002200000-memory.dmp

    Filesize

    256KB

    Download

  • memory/3956-26-0x00000000025C0000-0x000000000262C000-memory.dmp

    Filesize

    432KB

    Download

  • memory/3956-30-0x0000000000400000-0x000000000041C000-memory.dmp

    Filesize

    112KB

    Download