Overview

overview

8

Static

static

f78581d238...02.exe

windows7-x64

8

f78581d238...02.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    91s
  • max time network
    151s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220812-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system
  • submitted
    20/10/2022, 21:34

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    f78581d238b443a09adf1bd03f620973ccd21f550a46e105f7f2c1893c159d02.exe

  • Size

    840KB

  • MD5

    a08f1a0a2062619197dba0a5f5837ad0

  • SHA1

    de14bf3eea122feb67abc2e4d347a6fdf78984cb

  • SHA256

    f78581d238b443a09adf1bd03f620973ccd21f550a46e105f7f2c1893c159d02

  • SHA512

    98309d96cf0fbf2d6c2a4bc42b2485dc55ae0452b1792fc68b8730a859e30e1d7bdb24c1153bb4a7b15bfa14481b8bcfa00c5e4f8c9f14d1f6de1e6e4620428d

  • SSDEEP

    24576:Lk62zVkUetVI5uyDyo1tj+4zVkUetVI5u0:kZustKOZu0

Score
8/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Drops file in Windows directory 3 IoCs
  • Suspicious behavior: EnumeratesProcesses 2 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Windows\Explorer.EXE
    C:\Windows\Explorer.EXE
    1⤵
      PID:2984
      • C:\Users\Admin\AppData\Local\Temp\f78581d238b443a09adf1bd03f620973ccd21f550a46e105f7f2c1893c159d02.exe
        "C:\Users\Admin\AppData\Local\Temp\f78581d238b443a09adf1bd03f620973ccd21f550a46e105f7f2c1893c159d02.exe"
        2⤵
        • Drops file in Windows directory
        • Suspicious behavior: EnumeratesProcesses
        • Suspicious use of WriteProcessMemory
        PID:2536
        • C:\Users\Admin\AppData\Local\Temp\f78581d238b443a09adf1bd03f620973ccd21f550a46e105f7f2c1893c159d02.com
          C:\Users\Admin\AppData\Local\Temp\f78581d238b443a09adf1bd03f620973ccd21f550a46e105f7f2c1893c159d02.com
          3⤵
          • Executes dropped EXE
          PID:3776

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • C:\Users\Admin\AppData\Local\Temp\f78581d238b443a09adf1bd03f620973ccd21f550a46e105f7f2c1893c159d02.com
      Filesize

      752KB

      MD5

      d70ce10d06db39beec49357126393c9c

      SHA1

      76ecb2e121b944548cb7cdbcee68065f81224755

      SHA256

      46902f5ed9bf8923ea90c2ebad023b02b88df1610cc4a745a75bdbfd47113ec1

      SHA512

      1a5d1a4858f63655c6d757a215deeb43322ce93fec924a3edf256a3f457157f1301841bf5e75441657c4a42518fd5718702be74dff281488d9868a644d4ccd68

      Download Submit

    • C:\Users\Admin\AppData\Local\Temp\f78581d238b443a09adf1bd03f620973ccd21f550a46e105f7f2c1893c159d02.com
      Filesize

      752KB

      MD5

      d70ce10d06db39beec49357126393c9c

      SHA1

      76ecb2e121b944548cb7cdbcee68065f81224755

      SHA256

      46902f5ed9bf8923ea90c2ebad023b02b88df1610cc4a745a75bdbfd47113ec1

      SHA512

      1a5d1a4858f63655c6d757a215deeb43322ce93fec924a3edf256a3f457157f1301841bf5e75441657c4a42518fd5718702be74dff281488d9868a644d4ccd68

      Download Submit