Overview

overview

8

Static

static

3c0adfc039...b1.exe

windows7-x64

8

3c0adfc039...b1.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    90s
  • max time network
    109s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220901-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20220901-enlocale:en-usos:windows10-2004-x64system
  • submitted
    20/10/2022, 00:41

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    3c0adfc039a05d3836dc62b374b190fa7f4a04e9b971163e792ef0fc3708c0b1.exe

  • Size

    526KB

  • MD5

    a21d25c2745ee282426f5abb82374690

  • SHA1

    d4d3cb9901e9a0be8464875bc84191b289fb9f70

  • SHA256

    3c0adfc039a05d3836dc62b374b190fa7f4a04e9b971163e792ef0fc3708c0b1

  • SHA512

    83c5cf1db701e0698ed3d623404e8f27100f4ae7caf03a0ffbebc6577426437348b6e0c729342ecd095b831d1de5ff48d3f844be5fb8363b78b9cd750531c461

  • SSDEEP

    6144:s4UHFnuDk67fe2olw9ayjlw9ayYlw9ayYlw9ayYlw9ayw18CRRVMMMMMM2MMMMMb:6luDk67Hi33X01zRRaMMMMM2MMMMMb

Score
8/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Drops file in Windows directory 3 IoCs
  • Suspicious behavior: EnumeratesProcesses 2 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Windows\Explorer.EXE
    C:\Windows\Explorer.EXE
    1⤵
      PID:1076
      • C:\Users\Admin\AppData\Local\Temp\3c0adfc039a05d3836dc62b374b190fa7f4a04e9b971163e792ef0fc3708c0b1.exe
        "C:\Users\Admin\AppData\Local\Temp\3c0adfc039a05d3836dc62b374b190fa7f4a04e9b971163e792ef0fc3708c0b1.exe"
        2⤵
        • Drops file in Windows directory
        • Suspicious behavior: EnumeratesProcesses
        • Suspicious use of WriteProcessMemory
        PID:2368
        • C:\Users\Admin\AppData\Local\Temp\3c0adfc039a05d3836dc62b374b190fa7f4a04e9b971163e792ef0fc3708c0b1.com
          C:\Users\Admin\AppData\Local\Temp\3c0adfc039a05d3836dc62b374b190fa7f4a04e9b971163e792ef0fc3708c0b1.com
          3⤵
          • Executes dropped EXE
          PID:5040

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • C:\Users\Admin\AppData\Local\Temp\3c0adfc039a05d3836dc62b374b190fa7f4a04e9b971163e792ef0fc3708c0b1.com
      Filesize

      437KB

      MD5

      8aeca46f78755edba1b3a98e3b6b046f

      SHA1

      38cb779996fcb4108293cd58d48948b05c973a7f

      SHA256

      ed012ed18131deb28a546b21cd0950829e349a8ab427b53c199e25f2374a6e3f

      SHA512

      217f13dec2ced6b6187c35185ad4c1e939a83ee8e5f4c26b7bde51f55b07a6d44c274a6ef4ede4a916db9dc73b831a090bc594d18e18dfe2747adbe48a019961

      Download Submit

    • C:\Users\Admin\AppData\Local\Temp\3c0adfc039a05d3836dc62b374b190fa7f4a04e9b971163e792ef0fc3708c0b1.com
      Filesize

      437KB

      MD5

      8aeca46f78755edba1b3a98e3b6b046f

      SHA1

      38cb779996fcb4108293cd58d48948b05c973a7f

      SHA256

      ed012ed18131deb28a546b21cd0950829e349a8ab427b53c199e25f2374a6e3f

      SHA512

      217f13dec2ced6b6187c35185ad4c1e939a83ee8e5f4c26b7bde51f55b07a6d44c274a6ef4ede4a916db9dc73b831a090bc594d18e18dfe2747adbe48a019961

      Download Submit