Analysis
max time kernel: 122s
max time network: 123s
platform: windows7_x64
resource: win7-20240220-en
resource tags: arch:x64 arch:x86 image:win7-20240220-en locale:en-us os:windows7-x64 system
submitted: 01-07-2024 04:34
Behavioral task
behavioral1
Sample
5bc233b8465b783cc7097e2f4e0aed401dd8068c6f7b8f78952b791df4db209c.exe
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
5bc233b8465b783cc7097e2f4e0aed401dd8068c6f7b8f78952b791df4db209c.exe
Resource
win10v2004-20240508-en
General
Target: 5bc233b8465b783cc7097e2f4e0aed401dd8068c6f7b8f78952b791df4db209c.exe
Size: 1.7MB
MD5: 9cc57053aeb66459446b8cb009919424
SHA1: 3c4dd5d161de981cdd187e6b14b32f78a5f90d8b
SHA256: 5bc233b8465b783cc7097e2f4e0aed401dd8068c6f7b8f78952b791df4db209c
SHA512: 103812d1d9759bdf87f222e423272832f1a68af8a6385c74adc7f48468c3d8f93b5225b8fd95694889b92fa19dc98048770e982a708b9f4b58efdcdda4085fd5
SSDEEP: 24576:feaPqgd8w2lvQH1aTL5r/3XPMNKqseXTOC3USZY1zj+nmghjpv7vVPgw6NYdX385:mvgdQlYILl3XPc0eXTL3GzEhjp7v7X9
Malware Config
Signatures
Processes:
resource yara_rule
behavioral1/memory/2728-0-0x0000000000400000-0x00000000007DD000-memory.dmp vmprotect
behavioral1/memory/2728-1-0x0000000000400000-0x00000000007DD000-memory.dmp vmprotect
behavioral1/memory/2728-5-0x0000000000400000-0x00000000007DD000-memory.dmp vmprotect
Suspicious behavior: EnumeratesProcesses 1 IoCs
Processes:
5bc233b8465b783cc7097e2f4e0aed401dd8068c6f7b8f78952b791df4db209c.exe
pid process
2728 5bc233b8465b783cc7097e2f4e0aed401dd8068c6f7b8f78952b791df4db209c.exe
Suspicious use of SetWindowsHookEx 2 IoCs
Processes:
5bc233b8465b783cc7097e2f4e0aed401dd8068c6f7b8f78952b791df4db209c.exe
pid process
2728 5bc233b8465b783cc7097e2f4e0aed401dd8068c6f7b8f78952b791df4db209c.exe
2728 5bc233b8465b783cc7097e2f4e0aed401dd8068c6f7b8f78952b791df4db209c.exe
Processes
C:\Users\Admin\AppData\Local\Temp\5bc233b8465b783cc7097e2f4e0aed401dd8068c6f7b8f78952b791df4db209c.exe
"C:\Users\Admin\AppData\Local\Temp\5bc233b8465b783cc7097e2f4e0aed401dd8068c6f7b8f78952b791df4db209c.exe"
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of SetWindowsHookEx