Overview

overview

8

Static

static

7bf0b2dfd1...d8.exe

windows7-x64

8

7bf0b2dfd1...d8.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    91s
  • max time network
    157s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220901-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20220901-enlocale:en-usos:windows10-2004-x64system
  • submitted
    07-11-2022 15:29

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    7bf0b2dfd10eb778a1c562461903a4e50dc6a64671db67117dd037f1240d9fd8.exe

  • Size

    196KB

  • MD5

    0d5033059f277579a8f6e1f813918d10

  • SHA1

    a393ea48352ba1bf526bd90167586c193b9971ca

  • SHA256

    7bf0b2dfd10eb778a1c562461903a4e50dc6a64671db67117dd037f1240d9fd8

  • SHA512

    5f67fdf1cc17cb546db064316f6d6e1f102528139bd46aa067299d533536d9ee74bb84ae77ac4671da187d765a13ce4c50b7de077a29a4607399079e82fcd5f0

  • SSDEEP

    3072:sdmtrAHFRpxvMDk67fXf4b2I1Wc6HF2NQKPWDyDRepJltZrpRSfHW:s4UHFnuDk67fe2DtcNSDyDRothpQO

Score
8/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Drops file in Windows directory 3 IoCs
  • Suspicious behavior: EnumeratesProcesses 2 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Windows\Explorer.EXE
    C:\Windows\Explorer.EXE
    1⤵
      PID:776
      • C:\Users\Admin\AppData\Local\Temp\7bf0b2dfd10eb778a1c562461903a4e50dc6a64671db67117dd037f1240d9fd8.exe
        "C:\Users\Admin\AppData\Local\Temp\7bf0b2dfd10eb778a1c562461903a4e50dc6a64671db67117dd037f1240d9fd8.exe"
        2⤵
        • Drops file in Windows directory
        • Suspicious behavior: EnumeratesProcesses
        • Suspicious use of WriteProcessMemory
        PID:1048
        • C:\Users\Admin\AppData\Local\Temp\7bf0b2dfd10eb778a1c562461903a4e50dc6a64671db67117dd037f1240d9fd8.com
          C:\Users\Admin\AppData\Local\Temp\7bf0b2dfd10eb778a1c562461903a4e50dc6a64671db67117dd037f1240d9fd8.com
          3⤵
          • Executes dropped EXE
          PID:3340

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • C:\Users\Admin\AppData\Local\Temp\7bf0b2dfd10eb778a1c562461903a4e50dc6a64671db67117dd037f1240d9fd8.com
      Filesize

      107KB

      MD5

      02e6202f2e9f0d4403b8d0e9d65c1965

      SHA1

      c294645cb8e059e2e14ecaaf825c2e84abd62453

      SHA256

      b4ad7462ce92f0e65602e17abf01494fe7883bcb9a1dea95296cbcb3d10a2a6a

      SHA512

      4f8d966a47b9b339e20b36f99db87fff597b20f617159ba5e016e0111936218416d1ca69d89cba17546ab0bfc0b026e4db6c33c2549dcf048d89bf91e9527add

      Download Submit

    • C:\Users\Admin\AppData\Local\Temp\7bf0b2dfd10eb778a1c562461903a4e50dc6a64671db67117dd037f1240d9fd8.com
      Filesize

      107KB

      MD5

      02e6202f2e9f0d4403b8d0e9d65c1965

      SHA1

      c294645cb8e059e2e14ecaaf825c2e84abd62453

      SHA256

      b4ad7462ce92f0e65602e17abf01494fe7883bcb9a1dea95296cbcb3d10a2a6a

      SHA512

      4f8d966a47b9b339e20b36f99db87fff597b20f617159ba5e016e0111936218416d1ca69d89cba17546ab0bfc0b026e4db6c33c2549dcf048d89bf91e9527add

      Download Submit