Overview

overview

10

Static

static

3c3a3e87ec...41.exe

windows7_x64

10

3c3a3e87ec...41.exe

windows10-2004_x64

10

Analysis

  • max time kernel
    63s
  • max time network
    170s
  • platform
    windows7_x64
  • resource
    win7-20220414-en
  • submitted
    03-07-2022 08:11

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    3c3a3e87ec02e301b748c730a7c379424e93e6f3bbe2128000b8f33084b7d641.exe

  • Size

    422KB

  • MD5

    cfca9ac2b0a1b969f80dfa7f76ed131e

  • SHA1

    404c46ee53a8a47941a342bb2924e5cd5ff0495d

  • SHA256

    3c3a3e87ec02e301b748c730a7c379424e93e6f3bbe2128000b8f33084b7d641

  • SHA512

    f9a42bcf75b76dada47a0febb9710b72a2a1f2c31b1c9e01fb4533edd159664fd55e784d13dc191603e52946b97aa96e5a923fbaf1237273d873bfe7573e189b

Score
10/10
onlyloggerdiscoveryloader

Malware Config

Signatures

  • OnlyLogger

    A tiny loader that uses IPLogger to get its payload.

    loaderonlylogger
  • OnlyLogger Payload 2 IoCs
  • Creates a large amount of network flows 1 TTPs

    This may indicate a network scan to discover remotely running services.

    discovery

Processes

  • C:\Users\Admin\AppData\Local\Temp\3c3a3e87ec02e301b748c730a7c379424e93e6f3bbe2128000b8f33084b7d641.exe
    "C:\Users\Admin\AppData\Local\Temp\3c3a3e87ec02e301b748c730a7c379424e93e6f3bbe2128000b8f33084b7d641.exe"
    1⤵
      PID:108

    Network

    MITRE ATT&CK Matrix ATT&CK v6

    Initial Access

    Execution

    Persistence

    Privilege Escalation

    Defense Evasion

    Credential Access

    Discovery

    Network Service Scanning

    1
    T1046

    Lateral Movement

    Collection

    Exfiltration

    Command and Control

    Impact

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/108-54-0x0000000002D98000-0x0000000002DC0000-memory.dmp
      Filesize

      160KB

      Download
    • memory/108-55-0x0000000075A61000-0x0000000075A63000-memory.dmp
      Filesize

      8KB

      Download
    • memory/108-56-0x0000000002D98000-0x0000000002DC0000-memory.dmp
      Filesize

      160KB

      Download
    • memory/108-57-0x0000000000270000-0x00000000002B4000-memory.dmp
      Filesize

      272KB

      Download
    • memory/108-58-0x0000000000400000-0x0000000002BC3000-memory.dmp
      Filesize

      39.8MB

      Download
    • memory/108-59-0x0000000002D98000-0x0000000002DC0000-memory.dmp
      Filesize

      160KB

      Download