Overview

overview

8

Static

static

80e3e96957...20.exe

windows7-x64

8

80e3e96957...20.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    123s
  • max time network
    128s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220901-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20220901-enlocale:en-usos:windows10-2004-x64system
  • submitted
    20/10/2022, 00:39

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    80e3e969570e95c5d81af839bed3ca622b1c366127f599a0e1e6d427d6767e20.exe

  • Size

    426KB

  • MD5

    a1063cf7a991220cdd6773d9a3190110

  • SHA1

    c5f838368811c2c0c870ab3e5b9e0eeffc9cf784

  • SHA256

    80e3e969570e95c5d81af839bed3ca622b1c366127f599a0e1e6d427d6767e20

  • SHA512

    e4047f298b561a09725b686fcb7962c7faffe4e45d7cc999418fd40f0042b77c4739fdaca251887da980a88b11fdd53507f75279154f9ab7142c58b6f723691f

  • SSDEEP

    12288:6luDk67HXaMVkUet7EwBI+APuB1zRRaMMMMM2MMMMMJ1zRRaMMMMM2MMMMMY:Lk6TzVkUetVI5uB1zRRaMMMMM2MMMMMs

Score
8/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Drops file in Windows directory 3 IoCs
  • Suspicious behavior: EnumeratesProcesses 2 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Windows\Explorer.EXE
    C:\Windows\Explorer.EXE
    1⤵
      PID:1040
      • C:\Users\Admin\AppData\Local\Temp\80e3e969570e95c5d81af839bed3ca622b1c366127f599a0e1e6d427d6767e20.exe
        "C:\Users\Admin\AppData\Local\Temp\80e3e969570e95c5d81af839bed3ca622b1c366127f599a0e1e6d427d6767e20.exe"
        2⤵
        • Drops file in Windows directory
        • Suspicious behavior: EnumeratesProcesses
        • Suspicious use of WriteProcessMemory
        PID:1756
        • C:\Users\Admin\AppData\Local\Temp\80e3e969570e95c5d81af839bed3ca622b1c366127f599a0e1e6d427d6767e20.com
          C:\Users\Admin\AppData\Local\Temp\80e3e969570e95c5d81af839bed3ca622b1c366127f599a0e1e6d427d6767e20.com
          3⤵
          • Executes dropped EXE
          PID:4548

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • C:\Users\Admin\AppData\Local\Temp\80e3e969570e95c5d81af839bed3ca622b1c366127f599a0e1e6d427d6767e20.com
      Filesize

      337KB

      MD5

      3b7b263cfd3893a65108ac11baefcf50

      SHA1

      759f463bb36847ddd4fee5b5b3ed7b4db9b77bb7

      SHA256

      24fe1f2da74292bbce928ca8fc31ae4d9148860366a9376cdabec65d944bbb5b

      SHA512

      075475b16f469817d53477ac485d7fe838dc3cb00619cee8f40b16f8c2714512cc45f72c9d19c5bd4fb14a87561369c9c49205c4a31ef1b14f587d3fc7616ba3

      Download Submit

    • C:\Users\Admin\AppData\Local\Temp\80e3e969570e95c5d81af839bed3ca622b1c366127f599a0e1e6d427d6767e20.com
      Filesize

      337KB

      MD5

      3b7b263cfd3893a65108ac11baefcf50

      SHA1

      759f463bb36847ddd4fee5b5b3ed7b4db9b77bb7

      SHA256

      24fe1f2da74292bbce928ca8fc31ae4d9148860366a9376cdabec65d944bbb5b

      SHA512

      075475b16f469817d53477ac485d7fe838dc3cb00619cee8f40b16f8c2714512cc45f72c9d19c5bd4fb14a87561369c9c49205c4a31ef1b14f587d3fc7616ba3

      Download Submit