Overview

overview

8

Static

static

4d47905c0d...11.exe

windows7-x64

8

4d47905c0d...11.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    38s
  • max time network
    41s
  • platform
    windows7_x64
  • resource
    win7-20220812-en
  • resource tags

    arch:x64arch:x86image:win7-20220812-enlocale:en-usos:windows7-x64system
  • submitted
    02-10-2022 15:10

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    4d47905c0ddb8fb8b555e137e922fc6a2c940dc6ed639182f99f04587f25e211.exe

  • Size

    594KB

  • MD5

    74cbaf5134ee6cabada5aa172b426770

  • SHA1

    1746bff98f323cc3907912b44422712b100e80fa

  • SHA256

    4d47905c0ddb8fb8b555e137e922fc6a2c940dc6ed639182f99f04587f25e211

  • SHA512

    38a44fa04ce411857abc8e87b368d32a4c0796c7d05cd8424eefb0806c280823858cf19364c62b276482e6e496abd47df49b404d24539a190c52c77186ad9a62

  • SSDEEP

    12288:mX2/U+GngI3xU5eo2BkcNf618kJiRvhbFTqqWF7tQ2Ta4Sw:U28lJxU5eomRNf6BJiPFGq6y2Ta4/

Score
8/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Drops file in Program Files directory 3 IoCs
  • Suspicious behavior: EnumeratesProcesses 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\4d47905c0ddb8fb8b555e137e922fc6a2c940dc6ed639182f99f04587f25e211.exe
    "C:\Users\Admin\AppData\Local\Temp\4d47905c0ddb8fb8b555e137e922fc6a2c940dc6ed639182f99f04587f25e211.exe"
    1⤵
    • Drops file in Program Files directory
    • Suspicious behavior: EnumeratesProcesses
    PID:1960
  • C:\Program Files (x86)\90ucw\shtep.exe
    "C:\Program Files (x86)\90ucw\shtep.exe"
    1⤵
    • Executes dropped EXE
    • Drops file in Program Files directory
    • Suspicious use of WriteProcessMemory
    PID:1368
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      C:\Program Files (x86)\90ucw\shtep.exe
      2⤵
        PID:1388

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • C:\Program Files (x86)\90ucw\shtep.exe
      Filesize

      21.6MB

      MD5

      5979d2e144aad1824dd90ea5f018e8c6

      SHA1

      101187eac1a037ab1365cd1c9ef71c4449fca4d2

      SHA256

      51c77be5492d06337f9d1079030d24ed5f99879daee187fa32726c10c1d67288

      SHA512

      d899edc73ffc978a4d5d553ab567acc2f76575a4d3be0dd5b37b9404b9172d3dae29037200f79c81369f6f97253a82178115e8d538ace16901b77f605b6e7092

      Download Submit

    • C:\Program Files (x86)\90ucw\shtep.exe
      Filesize

      21.6MB

      MD5

      5979d2e144aad1824dd90ea5f018e8c6

      SHA1

      101187eac1a037ab1365cd1c9ef71c4449fca4d2

      SHA256

      51c77be5492d06337f9d1079030d24ed5f99879daee187fa32726c10c1d67288

      SHA512

      d899edc73ffc978a4d5d553ab567acc2f76575a4d3be0dd5b37b9404b9172d3dae29037200f79c81369f6f97253a82178115e8d538ace16901b77f605b6e7092

      Download Submit

    • memory/1960-54-0x0000000075451000-0x0000000075453000-memory.dmp

      Filesize

      8KB

      Download