Overview

overview

8

Static

static

96ee5ca5fd...48.exe

windows7-x64

8

96ee5ca5fd...48.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    142s
  • max time network
    153s
  • platform
    windows7_x64
  • resource
    win7-20220812-en
  • resource tags

    arch:x64arch:x86image:win7-20220812-enlocale:en-usos:windows7-x64system
  • submitted
    27-11-2022 18:55

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    96ee5ca5fdaf0d7e9ff5def3cfe8c256fdfe8fd726fcb1989021c7a3deceab48.exe

  • Size

    29KB

  • MD5

    5fbbaa6694050880f85c2e3cce506aee

  • SHA1

    b86013d001c10877ac8003b74f1f37e4b4c4f142

  • SHA256

    96ee5ca5fdaf0d7e9ff5def3cfe8c256fdfe8fd726fcb1989021c7a3deceab48

  • SHA512

    8ec8d788b650340b7aaed91b82401edf2893d6d3970f189ab2923bae59c842523fa4fe3f8f48312d18f022a745654553674950702e07522884463357449eda35

  • SSDEEP

    768:LmV3rpghoDOjtCCF2j4LWQmq64Y444444pfa:Lm1zDOjtZ2j4LWQmf

Score
8/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Deletes itself 1 IoCs
  • Loads dropped DLL 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\96ee5ca5fdaf0d7e9ff5def3cfe8c256fdfe8fd726fcb1989021c7a3deceab48.exe
    "C:\Users\Admin\AppData\Local\Temp\96ee5ca5fdaf0d7e9ff5def3cfe8c256fdfe8fd726fcb1989021c7a3deceab48.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of WriteProcessMemory
    PID:756
    • C:\Users\Admin\AppData\Local\Temp\simpleviewer.exe
      C:\Users\Admin\AppData\Local\Temp\simpleviewer.exe
      2⤵
      • Executes dropped EXE
      • Deletes itself
      PID:848

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\siA155.tmp
    Filesize

    206B

    MD5

    042341a08cf34ba560d499719fe219c0

    SHA1

    a80a9f876096d5fcc22e2d0cb90b831fc086c693

    SHA256

    c1e3c32fa5c40f7d8298c145d68c7064b4842defc57c930d535452dfbcc7a73d

    SHA512

    0cc121fc3a33e8b6a525d5ebd4e0bc0535228d4eb153cccbf279fcaecb3613a2db9f6b0824afa6adcbada89771b1359d1ba903c251b4cd278a1761a0445ca5ef

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\simpleviewer.exe
    Filesize

    29KB

    MD5

    5fbbaa6694050880f85c2e3cce506aee

    SHA1

    b86013d001c10877ac8003b74f1f37e4b4c4f142

    SHA256

    96ee5ca5fdaf0d7e9ff5def3cfe8c256fdfe8fd726fcb1989021c7a3deceab48

    SHA512

    8ec8d788b650340b7aaed91b82401edf2893d6d3970f189ab2923bae59c842523fa4fe3f8f48312d18f022a745654553674950702e07522884463357449eda35

    Download Submit

  • \Users\Admin\AppData\Local\Temp\simpleviewer.exe
    Filesize

    29KB

    MD5

    5fbbaa6694050880f85c2e3cce506aee

    SHA1

    b86013d001c10877ac8003b74f1f37e4b4c4f142

    SHA256

    96ee5ca5fdaf0d7e9ff5def3cfe8c256fdfe8fd726fcb1989021c7a3deceab48

    SHA512

    8ec8d788b650340b7aaed91b82401edf2893d6d3970f189ab2923bae59c842523fa4fe3f8f48312d18f022a745654553674950702e07522884463357449eda35

    Download Submit

  • memory/756-54-0x0000000075ED1000-0x0000000075ED3000-memory.dmp

    Filesize

    8KB

    Download

  • memory/756-58-0x0000000000400000-0x000000000040B000-memory.dmp

    Filesize

    44KB

    Download

  • memory/848-61-0x0000000000400000-0x000000000040B000-memory.dmp

    Filesize

    44KB

    Download