Analysis

  • max time kernel
    121s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags

    arch:x64 arch:x86 image:win7-20240508-en locale:en-us os:windows7-x64 system
  • submitted
    30-06-2024 01:21

General

  • Target

    b0e5fddc8448dc854ab400c9b0ac82c43a2f44fa6970cd2975e7d28116a7740d.exe

  • Size

    989KB

  • MD5

    1aeb3a19d439d8a4a00313d12f463827

  • SHA1

    beedd7366e1ef168595d800ebe013067c78775de

  • SHA256

    b0e5fddc8448dc854ab400c9b0ac82c43a2f44fa6970cd2975e7d28116a7740d

  • SHA512

    074c2316d385feb4c78e6068a8fbf37d570bb9ee87a69b76bc3878a1b18eb9f97ca6511709008dcc60158d0dc81395adaed5e309d0266ed7713e7e5e4e442422

  • SSDEEP

    24576:liG03BDYmHDQKcdE2v4jtaUN4cDHZgboRxRprGE:oJYuHTI4jJJObkf

Score
10/10

Malware Config

Signatures

  • Detects HijackLoader (aka IDAT Loader) 1 IoCs
  • HijackLoader

    HijackLoader is a multistage loader first seen in 2023.

  • Suspicious behavior: EnumeratesProcesses 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\b0e5fddc8448dc854ab400c9b0ac82c43a2f44fa6970cd2975e7d28116a7740d.exe
    "C:\Users\Admin\AppData\Local\Temp\b0e5fddc8448dc854ab400c9b0ac82c43a2f44fa6970cd2975e7d28116a7740d.exe"
    • Suspicious behavior: EnumeratesProcesses
    PID:2244

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\NewFileTime\NewFileTime.ini
    Filesize

    25B

    MD5

    71bfa4b1b2a2049befa50a86463a014f

    SHA1

    8ca6218c1f92b40da01501e18786cc2724e4c769

    SHA256

    a4683279940ca2ea6c25b63f07f41d7e2eab4ac3246ff57c8c771e7c923abd29

    SHA512

    574ccbc6a9387eed4e74af3e06a5023db1f74e24a8a9f3e9a96bee77483c3e5da257df4ff7976f7e389f51ec9ca89c56b103186fe499f5f3839738cafe657735

  • memory/2244-5-0x0000000140000000-0x0000000140112000-memory.dmp
    Filesize

    1.1MB

  • memory/2244-6-0x000007FEF6930000-0x000007FEF6A88000-memory.dmp
    Filesize

    1.3MB