Overview

overview

8

Static

static

4bb2e8034c...f6.exe

windows7-x64

8

4bb2e8034c...f6.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    139s
  • max time network
    203s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220812-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system
  • submitted
    20/10/2022, 00:11

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    4bb2e8034c9b6939febd3bd7e4ecdfe379569fb04387eb9798c804f00d9301f6.exe

  • Size

    414KB

  • MD5

    a13bb9a6b1dcdf7f7100fd1a16d45d90

  • SHA1

    3a775d877e778e2e4fda89d8708ba6c22992c189

  • SHA256

    4bb2e8034c9b6939febd3bd7e4ecdfe379569fb04387eb9798c804f00d9301f6

  • SHA512

    5a1bada39bcfdc5e84670f537129c15f09c7811b9d563a92d73df565fab5ded3d3fe6cfa9388f863bc2caf526c7f93c9399ebee9f2a1625da29248a0b8ec6b21

  • SSDEEP

    12288:Wq4w/ekieZgU6v91/GwPKuhOCeom9Fgbl:Wq4w/ekieH6vLGxmReo4ab

Score
8/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\4bb2e8034c9b6939febd3bd7e4ecdfe379569fb04387eb9798c804f00d9301f6.exe
    "C:\Users\Admin\AppData\Local\Temp\4bb2e8034c9b6939febd3bd7e4ecdfe379569fb04387eb9798c804f00d9301f6.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:372
    • C:\Users\Admin\AppData\Local\Temp\71A6.tmp
      "C:\Users\Admin\AppData\Local\Temp\71A6.tmp" --helpC:\Users\Admin\AppData\Local\Temp\4bb2e8034c9b6939febd3bd7e4ecdfe379569fb04387eb9798c804f00d9301f6.exe 51B03B8D047F7EACECA1A72EF8A43A8A9738C2436C908E998893A05EC9123EC952C8FCCDA1725835285BFFB47817E98CD1D09784B29170738F74F712803B7E09
      2⤵
      • Executes dropped EXE
      PID:440

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\71A6.tmp
    Filesize

    414KB

    MD5

    1f4e403182eaeb1d00f2316a94a2e8d9

    SHA1

    1323590fc061811ffccb3e0e4016109768a417f7

    SHA256

    9fc1f2e2370f5153774967fd61167f2d53b57da79d68b9c8421d17c9c874e4a1

    SHA512

    240db0073b7ca758fde0c1c929925ca3d66f7aaa7d49592f2664daaac868ad4954e1ef585708cb013478359c732f9bf18b256f5c624a3bd822e071dbd7ae6c4a

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\71A6.tmp
    Filesize

    414KB

    MD5

    1f4e403182eaeb1d00f2316a94a2e8d9

    SHA1

    1323590fc061811ffccb3e0e4016109768a417f7

    SHA256

    9fc1f2e2370f5153774967fd61167f2d53b57da79d68b9c8421d17c9c874e4a1

    SHA512

    240db0073b7ca758fde0c1c929925ca3d66f7aaa7d49592f2664daaac868ad4954e1ef585708cb013478359c732f9bf18b256f5c624a3bd822e071dbd7ae6c4a

    Download Submit