a23fdeddb683f716be744ef3fe9a8ce2c87b02f5e5c1f6c8bdb70881de528304

Submit
Reports

Overview

overview

Static

static

cd94462486...32.exe

windows7-x64

cd94462486...32.exe

windows10-2004-x64

cdb97c07f0...ca.exe

windows7-x64

cdb97c07f0...ca.exe

windows10-2004-x64

cdfbee96df...25.exe

windows7-x64

cdfbee96df...25.exe

windows10-2004-x64

ce01fc8942...b5.exe

windows7-x64

ce01fc8942...b5.exe

windows10-2004-x64

ce5340f773...6e.exe

windows7-x64

ce5340f773...6e.exe

windows10-2004-x64

ce6d4255fc...f1.exe

windows7-x64

ce6d4255fc...f1.exe

windows10-2004-x64

ce8f0a3c5b...fc.exe

windows7-x64

ce8f0a3c5b...fc.exe

windows10-2004-x64

cef4f0409d...db.exe

windows7-x64

cef4f0409d...db.exe

windows10-2004-x64

cf15609eab...81.exe

windows7-x64

cf15609eab...81.exe

windows10-2004-x64

cf3f6f6285...6e.exe

windows7-x64

cf3f6f6285...6e.exe

windows10-2004-x64

cf450b1869...e9.exe

windows7-x64

cf450b1869...e9.exe

windows10-2004-x64

cf56059ae5...a1.exe

windows7-x64

cf56059ae5...a1.exe

windows10-2004-x64

cf79ab31cc...04.exe

windows7-x64

cf79ab31cc...04.exe

windows10-2004-x64

cf8d6b1a05...68.exe

windows7-x64

cf8d6b1a05...68.exe

windows10-2004-x64

cf96c893c9...10.exe

windows7-x64

cf96c893c9...10.exe

windows10-2004-x64

cfd31bf82d...9b.exe

windows7-x64

cfd31bf82d...9b.exe

windows10-2004-x64

Analysis

max time kernel
96s
max time network
143s
platform
windows10-2004_x64
resource
win10v2004-20250314-en
resource tags

arch:x64arch:x86image:win10v2004-20250314-enlocale:en-usos:windows10-2004-x64system
submitted
22/03/2025, 06:16

Sharing

Copy URL

Twitter E-mail

Static task

static1

6 signatures

Behavioral task

behavioral1

Sample

cd94462486ad6fad4ab587ad00762632.exe

Resource

win7-20241010-en

metamorpherrat discovery persistence rat stealer trojan

windows7-x64

11 signatures

150 seconds

Behavioral task

behavioral2

Sample

cd94462486ad6fad4ab587ad00762632.exe

Resource

win10v2004-20250314-en

metamorpherrat discovery persistence rat stealer trojan

windows10-2004-x64

10 signatures

150 seconds

Behavioral task

behavioral3

Sample

cdb97c07f0cbc499f78b386b2d398952a930a2715698d9b3589a5f4bb87ae2ca.exe

Resource

win7-20250207-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral4

Sample

cdb97c07f0cbc499f78b386b2d398952a930a2715698d9b3589a5f4bb87ae2ca.exe

Resource

win10v2004-20250314-en

windows10-2004-x64

2 signatures

150 seconds

Behavioral task

behavioral5

Sample

cdfbee96df9f657c44ea8ed17e90e025.exe

Resource

win7-20240903-en

darkcomet august 2020 discovery persistence rat trojan

windows7-x64

10 signatures

150 seconds

Behavioral task

behavioral6

Sample

cdfbee96df9f657c44ea8ed17e90e025.exe

Resource

win10v2004-20250314-en

darkcomet august 2020 discovery persistence rat trojan

windows10-2004-x64

10 signatures

150 seconds

Behavioral task

behavioral7

Sample

ce01fc8942b621016741e3fd96b711a32c6375ebea07247fab8b310c8b744ab5.exe

Resource

win7-20250207-en

dcrat infostealer rat

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral8

Sample

ce01fc8942b621016741e3fd96b711a32c6375ebea07247fab8b310c8b744ab5.exe

Resource

win10v2004-20250314-en

dcrat infostealer rat

windows10-2004-x64

4 signatures

150 seconds

Behavioral task

behavioral9

Sample

ce5340f77345fe52a889a5f1543f19e4764b86984973180a8fae158fa960576e.exe

Resource

win7-20240903-en

nanocore defense_evasion discovery keylogger persistence spyware stealer trojan

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral10

Sample

ce5340f77345fe52a889a5f1543f19e4764b86984973180a8fae158fa960576e.exe

Resource

win10v2004-20250314-en

nanocore defense_evasion discovery keylogger persistence spyware stealer trojan

windows10-2004-x64

9 signatures

150 seconds

Behavioral task

behavioral11

Sample

ce6d4255fc2065eaebf1bb640bffbef1.exe

Resource

win7-20240903-en

metamorpherrat discovery persistence rat stealer trojan

windows7-x64

10 signatures

150 seconds

Behavioral task

behavioral12

Sample

ce6d4255fc2065eaebf1bb640bffbef1.exe

Resource

win10v2004-20250314-en

metamorpherrat discovery persistence rat stealer trojan

windows10-2004-x64

10 signatures

150 seconds

Behavioral task

behavioral13

Sample

ce8f0a3c5b1faff7d414fc5d91588fa50e2806b342d348092d545ebc0a752bfc.exe

Resource

win7-20241010-en

defense_evasion execution spyware stealer

windows7-x64

10 signatures

150 seconds

Behavioral task

behavioral14

Sample

ce8f0a3c5b1faff7d414fc5d91588fa50e2806b342d348092d545ebc0a752bfc.exe

Resource

win10v2004-20250314-en

defense_evasion execution spyware stealer

windows10-2004-x64

10 signatures

150 seconds

Behavioral task

behavioral15

Sample

cef4f0409df2a015e20411fdf8317582dc6ed5f56993dd0122b8006cd695c1db.exe

Resource

win7-20241023-en

xworm rat trojan

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral16

Sample

cef4f0409df2a015e20411fdf8317582dc6ed5f56993dd0122b8006cd695c1db.exe

Resource

win10v2004-20250314-en

xworm rat trojan

windows10-2004-x64

8 signatures

150 seconds

Behavioral task

behavioral17

Sample

cf15609eaba6912ae9b6d7d424c25519f4a8ff30c550a599b00e2ec79d310681.exe

Resource

win7-20250207-en

discovery spyware stealer

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral18

Sample

cf15609eaba6912ae9b6d7d424c25519f4a8ff30c550a599b00e2ec79d310681.exe

Resource

win10v2004-20250314-en

discovery spyware stealer

windows10-2004-x64

9 signatures

150 seconds

Behavioral task

behavioral19

Sample

cf3f6f628505c197d6909686370e5f6e.exe

Resource

win7-20241010-en

dcrat defense_evasion execution infostealer rat trojan

windows7-x64

17 signatures

150 seconds

Behavioral task

behavioral20

Sample

cf3f6f628505c197d6909686370e5f6e.exe

Resource

win10v2004-20250314-en

dcrat defense_evasion execution infostealer rat trojan

windows10-2004-x64

20 signatures

150 seconds

Behavioral task

behavioral21

Sample

cf450b1869e9064758b27a7df84b5117a9bdc5e448a47f5170904649fa7fefe9.exe

Resource

win7-20241023-en

remcos host discovery persistence rat spyware stealer

windows7-x64

13 signatures

150 seconds

Behavioral task

behavioral22

Sample

cf450b1869e9064758b27a7df84b5117a9bdc5e448a47f5170904649fa7fefe9.exe

Resource

win10v2004-20250314-en

remcos host discovery persistence rat

windows10-2004-x64

11 signatures

150 seconds

Behavioral task

behavioral23

Sample

cf56059ae5d477487f8605c5301ceca1.exe

Resource

win7-20240903-en

remcos host discovery persistence rat spyware stealer

windows7-x64

13 signatures

150 seconds

Behavioral task

behavioral24

Sample

cf56059ae5d477487f8605c5301ceca1.exe

Resource

win10v2004-20250314-en

remcos host discovery persistence rat spyware stealer

windows10-2004-x64

13 signatures

150 seconds

Behavioral task

behavioral25

Sample

cf79ab31cc7f483d3b8572ef14b47804.exe

Resource

win7-20240903-en

xworm defense_evasion execution persistence rat trojan

windows7-x64

27 signatures

150 seconds

Behavioral task

behavioral26

Sample

cf79ab31cc7f483d3b8572ef14b47804.exe

Resource

win10v2004-20250314-en

xworm bootkit defense_evasion execution persistence rat trojan

windows10-2004-x64

33 signatures

150 seconds

Behavioral task

behavioral27

Sample

cf8d6b1a05c4369c93e7cfd13bf472ffd3ca8206e8ea41e132069d5c485a2a68.exe

Resource

win7-20240903-en

asyncrat discovery persistence rat

windows7-x64

11 signatures

150 seconds

Behavioral task

behavioral28

Sample

cf8d6b1a05c4369c93e7cfd13bf472ffd3ca8206e8ea41e132069d5c485a2a68.exe

Resource

win10v2004-20250313-en

asyncrat discovery persistence rat

windows10-2004-x64

13 signatures

150 seconds

Behavioral task

behavioral29

Sample

cf96c893c9bc9bb1f6bbf4d1e00c0910.exe

Resource

win7-20240729-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral30

Sample

cf96c893c9bc9bb1f6bbf4d1e00c0910.exe

Resource

win10v2004-20250314-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral31

Sample

cfd31bf82d7172bd87616d4d9310518d54d29699e851d81df254138d7e29859b.exe

Resource

win7-20241010-en

spyware stealer

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral32

Sample

cfd31bf82d7172bd87616d4d9310518d54d29699e851d81df254138d7e29859b.exe

Resource

win10v2004-20250314-en

windows10-2004-x64

1 signatures

150 seconds

Report Analysis Logs

General

Target

cfd31bf82d7172bd87616d4d9310518d54d29699e851d81df254138d7e29859b.exe
Size

248KB
MD5

ca51d09aab3cbc9702d5ca12fb345028
SHA1

53f4ce3cf684e3f623eab636cecc4db1f3046073
SHA256

cfd31bf82d7172bd87616d4d9310518d54d29699e851d81df254138d7e29859b
SHA512

3b3eb9bb77f9a50d21ce7eebc675530091b94216cf9a758eaa39bdbcae8738e95c79ea35da06f969d80d6ff372978fd54ae37bec74b93344d8cb0454237398cb
SSDEEP

3072:EGUPXd3Y8WinC/4+tNDB0fqHx38jjqIl/587+nypZyqasY5oxl:EjXWinyJMiP7LZpaGx

Score

1^/10

Malware Config

Signatures

Suspicious use of SetWindowsHookEx 1 IoCs

pid	Process
3260	cfd31bf82d7172bd87616d4d9310518d54d29699e851d81df254138d7e29859b.exe

Processes

C:\Users\Admin\AppData\Local\Temp\cfd31bf82d7172bd87616d4d9310518d54d29699e851d81df254138d7e29859b.exe
"C:\Users\Admin\AppData\Local\Temp\cfd31bf82d7172bd87616d4d9310518d54d29699e851d81df254138d7e29859b.exe"
1⤵
- Suspicious use of SetWindowsHookEx
PID:3260

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/3260-0-0x00007FFEE53D5000-0x00007FFEE53D6000-memory.dmp

Filesize
4KB

Download
memory/3260-1-0x000000001B830000-0x000000001B8D6000-memory.dmp

Filesize
664KB

Download
memory/3260-2-0x00007FFEE5120000-0x00007FFEE5AC1000-memory.dmp

Filesize
9.6MB

Download
memory/3260-3-0x00007FFEE5120000-0x00007FFEE5AC1000-memory.dmp

Filesize
9.6MB

Download
memory/3260-4-0x000000001C700000-0x000000001CBCE000-memory.dmp

Filesize
4.8MB

Download
memory/3260-6-0x00007FFEE5120000-0x00007FFEE5AC1000-memory.dmp

Filesize
9.6MB

Download