Overview

overview

8

Static

static

4dbe94cc70...f7.exe

windows7-x64

8

4dbe94cc70...f7.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    131s
  • max time network
    167s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220812-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system
  • submitted
    20/10/2022, 21:32

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    4dbe94cc7008b1769b3f39a142e2296963af5d6e7f74d503028866a6639ed6f7.exe

  • Size

    136KB

  • MD5

    a05a2fdf807a6b18d792635645a92ae0

  • SHA1

    a4a769555b99b34a16aa50046aa7a8b74f2cb9a2

  • SHA256

    4dbe94cc7008b1769b3f39a142e2296963af5d6e7f74d503028866a6639ed6f7

  • SHA512

    56883cecdb465b4c26ae396b89c11f6855af031b6b501e399020f50ffd12ac9de4aa4b732d9decf2d1d453e56cb616de297b8b87ce34127610648d4f57afd028

  • SSDEEP

    3072:TO3ZhHsio0tBGCzoRw1V6Cc49R/dMMMMMM2MMMMMZ1:TkhMipt0Czo218CRRVMMMMMM2MMMMM

Score
8/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Drops file in Windows directory 4 IoCs
  • Suspicious behavior: EnumeratesProcesses 2 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Windows\Explorer.EXE
    C:\Windows\Explorer.EXE
    1⤵
      PID:676
      • C:\Users\Admin\AppData\Local\Temp\4dbe94cc7008b1769b3f39a142e2296963af5d6e7f74d503028866a6639ed6f7.exe
        "C:\Users\Admin\AppData\Local\Temp\4dbe94cc7008b1769b3f39a142e2296963af5d6e7f74d503028866a6639ed6f7.exe"
        2⤵
        • Drops file in Windows directory
        • Suspicious behavior: EnumeratesProcesses
        • Suspicious use of WriteProcessMemory
        PID:4480
        • C:\Users\Admin\AppData\Local\Temp\4dbe94cc7008b1769b3f39a142e2296963af5d6e7f74d503028866a6639ed6f7.com
          C:\Users\Admin\AppData\Local\Temp\4dbe94cc7008b1769b3f39a142e2296963af5d6e7f74d503028866a6639ed6f7.com
          3⤵
          • Executes dropped EXE
          PID:3924

    Network

          MITRE ATT&CK Matrix

          Replay Monitor

          Loading Replay Monitor...

          Downloads

          • C:\Users\Admin\AppData\Local\Temp\4dbe94cc7008b1769b3f39a142e2296963af5d6e7f74d503028866a6639ed6f7.com
            Filesize

            59KB

            MD5

            091c14f4c71328d4316248a2421190de

            SHA1

            2f3645e24caee5898d086890752400d7c8862505

            SHA256

            3f7409a5f661c5a17068757d03a3b90f5c2688ae5391aed83fa1eb98a9ec28dc

            SHA512

            05cb01d25b509d26d77f873a0ae0f5e769175dc86acd777dbc24570e355443a28daa8b58846819ec3799e3f8928f9d9fc9674552f2d495d8b749797c8dc22d27

            Download Submit

          • C:\Users\Admin\AppData\Local\Temp\4dbe94cc7008b1769b3f39a142e2296963af5d6e7f74d503028866a6639ed6f7.com
            Filesize

            59KB

            MD5

            091c14f4c71328d4316248a2421190de

            SHA1

            2f3645e24caee5898d086890752400d7c8862505

            SHA256

            3f7409a5f661c5a17068757d03a3b90f5c2688ae5391aed83fa1eb98a9ec28dc

            SHA512

            05cb01d25b509d26d77f873a0ae0f5e769175dc86acd777dbc24570e355443a28daa8b58846819ec3799e3f8928f9d9fc9674552f2d495d8b749797c8dc22d27

            Download Submit