Overview

overview

8

Static

static

0c40876f48...e6.exe

windows7-x64

8

0c40876f48...e6.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    140s
  • max time network
    106s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220812-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system
  • submitted
    09/09/2022, 12:42

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    0c40876f4824e55cd6a66200af095fc289c4d7ef399d59a70bd2c6c351b5fce6.exe

  • Size

    3.3MB

  • MD5

    50203926799ec9f38dbc1c8cfffd7574

  • SHA1

    44ad44bc2eb1daf41f51a0c74e6b70625387099d

  • SHA256

    0c40876f4824e55cd6a66200af095fc289c4d7ef399d59a70bd2c6c351b5fce6

  • SHA512

    168d3f59045fbd91186eb702dd6b59e36cb189d7bdb1aa154232d0e6e25566321407d42af3e500f7403739a2fe84516c84ae36e3dd3a117e3b7ad26789241232

  • SSDEEP

    98304:kimAHrOKsaE+PH5PcAjqsR5bGu7r9YCKRY:kOimBEAqsR5bGCrSCKRY

Score
8/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\0c40876f4824e55cd6a66200af095fc289c4d7ef399d59a70bd2c6c351b5fce6.exe
    "C:\Users\Admin\AppData\Local\Temp\0c40876f4824e55cd6a66200af095fc289c4d7ef399d59a70bd2c6c351b5fce6.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1524
    • C:\Users\Admin\AppData\Local\Temp\is-3LL4E.tmp\0c40876f4824e55cd6a66200af095fc289c4d7ef399d59a70bd2c6c351b5fce6.tmp
      "C:\Users\Admin\AppData\Local\Temp\is-3LL4E.tmp\0c40876f4824e55cd6a66200af095fc289c4d7ef399d59a70bd2c6c351b5fce6.tmp" /SL5="$90034,2728125,715264,C:\Users\Admin\AppData\Local\Temp\0c40876f4824e55cd6a66200af095fc289c4d7ef399d59a70bd2c6c351b5fce6.exe"
      2⤵
      • Executes dropped EXE
      PID:1804

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\is-3LL4E.tmp\0c40876f4824e55cd6a66200af095fc289c4d7ef399d59a70bd2c6c351b5fce6.tmp
    Filesize

    2.4MB

    MD5

    9a6fefb6aebf1619d1915b8c07b51c41

    SHA1

    6bff0d239f7f7145c4004348660d04cbf9416cbd

    SHA256

    d1aabe0b58b5885c65036fef53ee2d282d6f3bf1a2f915b3addc9b519b549212

    SHA512

    b62461b0cbb42883a554bed5e7a59e21c77f6c38ba4ebe7edab048b013a3be4a71bb9ea8709e64597675687d4bc360ba15e8fef78aa22a15a9d467767b03af30

    Download Submit

  • memory/1524-132-0x0000000000400000-0x00000000004BC000-memory.dmp

    Filesize

    752KB

    Download

  • memory/1524-136-0x0000000000400000-0x00000000004BC000-memory.dmp

    Filesize

    752KB

    Download

  • memory/1524-137-0x0000000000400000-0x00000000004BC000-memory.dmp

    Filesize

    752KB

    Download