Overview

overview

8

Static

static

ed6d1ed68c...f1.exe

windows7-x64

8

ed6d1ed68c...f1.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    149s
  • max time network
    181s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220812-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system
  • submitted
    20/10/2022, 00:36

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    ed6d1ed68c0da0a045d4062a9d1eb0987e14e24a8660d530ac76cd9c3c21c3f1.exe

  • Size

    652KB

  • MD5

    a0e88cb61e4365fd09e16812454acc30

  • SHA1

    b85b398ad39c18cf51ae0e271350347d9025c2b8

  • SHA256

    ed6d1ed68c0da0a045d4062a9d1eb0987e14e24a8660d530ac76cd9c3c21c3f1

  • SHA512

    a57867d3f0571e68ec32a30771ff1e069b96d5f0712bbc81f8b7d004a0b64003ae17bd8bea8a366351b1a05da611158ceb89b8b56822ec492cf8ea20d230b6e8

  • SSDEEP

    6144:s4UHFnuDk67fe2GzqOxLfPcvgKVPlw9ayXlw9ayK18CRRVMMMMMM2MMMMM2:6luDk67Sz3zKQeW1zRRaMMMMM2MMMMM2

Score
8/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Drops file in Windows directory 3 IoCs
  • Suspicious behavior: EnumeratesProcesses 2 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Windows\Explorer.EXE
    C:\Windows\Explorer.EXE
    1⤵
      PID:2616
      • C:\Users\Admin\AppData\Local\Temp\ed6d1ed68c0da0a045d4062a9d1eb0987e14e24a8660d530ac76cd9c3c21c3f1.exe
        "C:\Users\Admin\AppData\Local\Temp\ed6d1ed68c0da0a045d4062a9d1eb0987e14e24a8660d530ac76cd9c3c21c3f1.exe"
        2⤵
        • Drops file in Windows directory
        • Suspicious behavior: EnumeratesProcesses
        • Suspicious use of WriteProcessMemory
        PID:4808
        • C:\Users\Admin\AppData\Local\Temp\ed6d1ed68c0da0a045d4062a9d1eb0987e14e24a8660d530ac76cd9c3c21c3f1.com
          C:\Users\Admin\AppData\Local\Temp\ed6d1ed68c0da0a045d4062a9d1eb0987e14e24a8660d530ac76cd9c3c21c3f1.com
          3⤵
          • Executes dropped EXE
          PID:4804

    Network

          MITRE ATT&CK Matrix

          Replay Monitor

          Loading Replay Monitor...

          Downloads

          • C:\Users\Admin\AppData\Local\Temp\ed6d1ed68c0da0a045d4062a9d1eb0987e14e24a8660d530ac76cd9c3c21c3f1.com
            Filesize

            564KB

            MD5

            cc16de36772ccdd0e2e64f42470d3ab5

            SHA1

            a6bf7645a06f7ad89aea4034a70fed645a3e519d

            SHA256

            c7e80a1b926259b1d7fce9b277ed89acd100e150247fad2fac7f9511c265d4b1

            SHA512

            4b6f63f63716f030840a520cae25c745780df0e6aaebc7d846d6d6ce1352aa7c94c216564222b31e24d3da3f228ed2d0b5e64d9188c2356b0236dd7b9adbc111

            Download Submit

          • C:\Users\Admin\AppData\Local\Temp\ed6d1ed68c0da0a045d4062a9d1eb0987e14e24a8660d530ac76cd9c3c21c3f1.com
            Filesize

            564KB

            MD5

            cc16de36772ccdd0e2e64f42470d3ab5

            SHA1

            a6bf7645a06f7ad89aea4034a70fed645a3e519d

            SHA256

            c7e80a1b926259b1d7fce9b277ed89acd100e150247fad2fac7f9511c265d4b1

            SHA512

            4b6f63f63716f030840a520cae25c745780df0e6aaebc7d846d6d6ce1352aa7c94c216564222b31e24d3da3f228ed2d0b5e64d9188c2356b0236dd7b9adbc111

            Download Submit