Overview

overview

8

Static

static

5550e19f03...21.exe

windows7-x64

7

5550e19f03...21.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    71s
  • max time network
    99s
  • platform
    windows7_x64
  • resource
    win7-20220812-en
  • resource tags

    arch:x64arch:x86image:win7-20220812-enlocale:en-usos:windows7-x64system
  • submitted
    28-10-2022 23:17

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    5550e19f03a974d9a74cede37e5b01633d94d0bf897edca486d821ef53bca221.exe

  • Size

    1.4MB

  • MD5

    00fcdb991966bbd97c9b00ee31359b20

  • SHA1

    439d96c31a7f99d0fe558908650140001047cfbf

  • SHA256

    5550e19f03a974d9a74cede37e5b01633d94d0bf897edca486d821ef53bca221

  • SHA512

    6068eb99c3a44f069a246c866dedeeaf77fc9af39e16341f4b037e93619f52c837355fde83fe10cc320ad2afef94cd2d4c9cf69ba48d42d40337a8463c2b1297

  • SSDEEP

    24576:kNmF/mnBoDM5f7F2hQHhToIzdF9s8kwWcMXixJH9GSG+VLUx3GHE07d:kYVZo5TchQBvj9tWXaJHkMLhkSd

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 1 IoCs
  • Drops file in Windows directory 2 IoCs
  • Suspicious behavior: EnumeratesProcesses 37 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\5550e19f03a974d9a74cede37e5b01633d94d0bf897edca486d821ef53bca221.exe
    "C:\Users\Admin\AppData\Local\Temp\5550e19f03a974d9a74cede37e5b01633d94d0bf897edca486d821ef53bca221.exe"
    1⤵
    • Loads dropped DLL
    • Drops file in Windows directory
    • Suspicious behavior: EnumeratesProcesses
    PID:912
    • C:\Users\Admin\AppData\Local\Temp\ms.exe
      C:\Users\Admin\AppData\Local\Temp\ms.exe k
      2⤵
        PID:1916

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • C:\Users\Admin\AppData\Local\Temp\ms.exe
      Filesize

      24KB

      MD5

      bf12112db28ce8a15f9be1911ab7cf59

      SHA1

      d4bb739dbdd6a6c599605df68091e27325f617df

      SHA256

      3c75279c259bed88347c264c761a2b25e44988ffb15ca6958d48ec9d478b4294

      SHA512

      a0c2ae93a493b1a5d6b3924cc2699e9bad1f3b7083af7506cc47d9140b47e3cc8898c4ea5b3c3cde83f7dbe568b9db85483a1122c544c3da622db263f9cec65f

      Download Submit
    • \Users\Admin\AppData\Local\Temp\ms.exe
      Filesize

      12KB

      MD5

      c9a12b93307c8da31c1ad220640af1b9

      SHA1

      d4ad21957029b58ed9cb0cdfbb9a01cd1af5391e

      SHA256

      18ed901497d5ba34ffa9e3f4448f826a11355ab18700f5dc138ecb3da805e269

      SHA512

      707132741ec09acfda1fa7605307af8769d520e9711ac5d051b397321030042dd53fe6e86b66799fcdc1c9d0ffd9d0b41b0a3198c0fd7824f886a7e102d2fa11

      Download Submit
    • memory/912-54-0x0000000075661000-0x0000000075663000-memory.dmp
      Filesize

      8KB

      Download
    • memory/1916-56-0x0000000000000000-mapping.dmp
      Download