Overview

overview

8

Static

static

46619f2fad...fa.exe

windows7-x64

8

46619f2fad...fa.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    45s
  • max time network
    68s
  • platform
    windows7_x64
  • resource
    win7-20220901-en
  • resource tags

    arch:x64arch:x86image:win7-20220901-enlocale:en-usos:windows7-x64system
  • submitted
    20/10/2022, 21:35

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    46619f2fad8c6894913b239969217354a9dc1decb43de4fd7479574d9a0d27fa.exe

  • Size

    346KB

  • MD5

    a01f4159226ba7ac3abdc39ba7c87850

  • SHA1

    10ec77b2588e52f95efcae046366046992281fb9

  • SHA256

    46619f2fad8c6894913b239969217354a9dc1decb43de4fd7479574d9a0d27fa

  • SHA512

    818601f50ffe16c942bd92de8b61f340a5972a948a29861abf775eab486644c2799e744ed35fa64e62ebc6739a39fef7f7b851641265d8fa37debb182c521134

  • SSDEEP

    6144:s4UHFnuDk67fe2olw9ayDvePPMqLckUet72FwBI+AFdb8MuT:6luDk67HXaMVkUet7EwBI+APuT

Score
8/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 2 IoCs
  • Drops file in Windows directory 3 IoCs
  • Suspicious behavior: EnumeratesProcesses 1 IoCs
  • Suspicious use of WriteProcessMemory 5 IoCs

Processes

  • C:\Windows\Explorer.EXE
    C:\Windows\Explorer.EXE
    1⤵
      PID:1200
      • C:\Users\Admin\AppData\Local\Temp\46619f2fad8c6894913b239969217354a9dc1decb43de4fd7479574d9a0d27fa.exe
        "C:\Users\Admin\AppData\Local\Temp\46619f2fad8c6894913b239969217354a9dc1decb43de4fd7479574d9a0d27fa.exe"
        2⤵
        • Loads dropped DLL
        • Drops file in Windows directory
        • Suspicious behavior: EnumeratesProcesses
        • Suspicious use of WriteProcessMemory
        PID:1292
        • C:\Users\Admin\AppData\Local\Temp\46619f2fad8c6894913b239969217354a9dc1decb43de4fd7479574d9a0d27fa.com
          C:\Users\Admin\AppData\Local\Temp\46619f2fad8c6894913b239969217354a9dc1decb43de4fd7479574d9a0d27fa.com
          3⤵
          • Executes dropped EXE
          PID:1160

    Network

          MITRE ATT&CK Matrix

          Replay Monitor

          Loading Replay Monitor...

          Downloads

          • C:\Users\Admin\AppData\Local\Temp\46619f2fad8c6894913b239969217354a9dc1decb43de4fd7479574d9a0d27fa.com
            Filesize

            257KB

            MD5

            c45f8f56260f61964ac954395ecef4c5

            SHA1

            8f1cebdb20a6276a5d4e9c8b5f998b9a78fbf3fb

            SHA256

            9b01dec7e13b2288d02cbf57fb5c4b7e5d5f23a9d47264e7da67a3dd7e74a61e

            SHA512

            7036c8e5e09e79b8fd7f27f554e6eb257abc5b84429f83a3d477d1cb38cb8d4f0ea3e90ee844d8a1f7721fc8269874344fd7a43cbd21e8801dc6b1c1e3275997

            Download Submit

          • \Users\Admin\AppData\Local\Temp\46619f2fad8c6894913b239969217354a9dc1decb43de4fd7479574d9a0d27fa.com
            Filesize

            257KB

            MD5

            c45f8f56260f61964ac954395ecef4c5

            SHA1

            8f1cebdb20a6276a5d4e9c8b5f998b9a78fbf3fb

            SHA256

            9b01dec7e13b2288d02cbf57fb5c4b7e5d5f23a9d47264e7da67a3dd7e74a61e

            SHA512

            7036c8e5e09e79b8fd7f27f554e6eb257abc5b84429f83a3d477d1cb38cb8d4f0ea3e90ee844d8a1f7721fc8269874344fd7a43cbd21e8801dc6b1c1e3275997

            Download Submit

          • \Users\Admin\AppData\Local\Temp\46619f2fad8c6894913b239969217354a9dc1decb43de4fd7479574d9a0d27fa.com
            Filesize

            257KB

            MD5

            c45f8f56260f61964ac954395ecef4c5

            SHA1

            8f1cebdb20a6276a5d4e9c8b5f998b9a78fbf3fb

            SHA256

            9b01dec7e13b2288d02cbf57fb5c4b7e5d5f23a9d47264e7da67a3dd7e74a61e

            SHA512

            7036c8e5e09e79b8fd7f27f554e6eb257abc5b84429f83a3d477d1cb38cb8d4f0ea3e90ee844d8a1f7721fc8269874344fd7a43cbd21e8801dc6b1c1e3275997

            Download Submit