Overview

overview

8

Static

static

88dd3d7b44...c2.exe

windows7-x64

8

88dd3d7b44...c2.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    145s
  • max time network
    159s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220812-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system
  • submitted
    30/10/2022, 14:24

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    88dd3d7b445c9af151b71c0461fe28aaf535ff81cbecc570740f0b873f950ac2.exe

  • Size

    167KB

  • MD5

    a31120a04ca4da48bc7a0f505bf63650

  • SHA1

    27b6416ab13c225151aee7e8f2332838573bb24f

  • SHA256

    88dd3d7b445c9af151b71c0461fe28aaf535ff81cbecc570740f0b873f950ac2

  • SHA512

    c586bd90f3280df6aae29748f193b6093785b646425c058003dd172333765cd11ef85d3d82557a4624664d81e7aaa8134abe222d8be5173148716841826e3872

  • SSDEEP

    3072:sdmtrAHFRpxvMDk67fXf4b2IEUKDOp1V6Cc49R/dMMMMMM2MMMMMZ1Hpw:s4UHFnuDk67fe2g18CRRVMMMMMM2MMMa

Score
8/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Drops file in Windows directory 3 IoCs
  • Suspicious behavior: EnumeratesProcesses 2 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Windows\Explorer.EXE
    C:\Windows\Explorer.EXE
    1⤵
      PID:2976
      • C:\Users\Admin\AppData\Local\Temp\88dd3d7b445c9af151b71c0461fe28aaf535ff81cbecc570740f0b873f950ac2.exe
        "C:\Users\Admin\AppData\Local\Temp\88dd3d7b445c9af151b71c0461fe28aaf535ff81cbecc570740f0b873f950ac2.exe"
        2⤵
        • Drops file in Windows directory
        • Suspicious behavior: EnumeratesProcesses
        • Suspicious use of WriteProcessMemory
        PID:4144
        • C:\Users\Admin\AppData\Local\Temp\88dd3d7b445c9af151b71c0461fe28aaf535ff81cbecc570740f0b873f950ac2.com
          C:\Users\Admin\AppData\Local\Temp\88dd3d7b445c9af151b71c0461fe28aaf535ff81cbecc570740f0b873f950ac2.com
          3⤵
          • Executes dropped EXE
          PID:4240

    Network

          MITRE ATT&CK Matrix

          Replay Monitor

          Loading Replay Monitor...

          Downloads

          • C:\Users\Admin\AppData\Local\Temp\88dd3d7b445c9af151b71c0461fe28aaf535ff81cbecc570740f0b873f950ac2.com
            Filesize

            78KB

            MD5

            49ae91f77d00a67ca9cfef5dee9e3138

            SHA1

            65d668a5553f8cac7e46fe96b0f4dcbcc7210155

            SHA256

            a8d91242e34994e5558c6e6b348ce92993ded8c94d056868dd6d0c9c03cafbc3

            SHA512

            a223a7d0780f47c9d82380827d9bc721c60b9f5698194616c422e47c7793b0e80d4d91d85d51fb3378bba3718954b1fe0f5af9597f41607b77f64f60034f266c

            Download Submit

          • C:\Users\Admin\AppData\Local\Temp\88dd3d7b445c9af151b71c0461fe28aaf535ff81cbecc570740f0b873f950ac2.com
            Filesize

            78KB

            MD5

            49ae91f77d00a67ca9cfef5dee9e3138

            SHA1

            65d668a5553f8cac7e46fe96b0f4dcbcc7210155

            SHA256

            a8d91242e34994e5558c6e6b348ce92993ded8c94d056868dd6d0c9c03cafbc3

            SHA512

            a223a7d0780f47c9d82380827d9bc721c60b9f5698194616c422e47c7793b0e80d4d91d85d51fb3378bba3718954b1fe0f5af9597f41607b77f64f60034f266c

            Download Submit