Overview

overview

7

Static

static

b29978fbfe...e7.exe

windows7-x64

7

b29978fbfe...e7.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    34s
  • max time network
    47s
  • platform
    windows7_x64
  • resource
    win7-20220812-en
  • resource tags

    arch:x64arch:x86image:win7-20220812-enlocale:en-usos:windows7-x64system
  • submitted
    04/12/2022, 12:55

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    b29978fbfe57da26d17b903e1bc4704082520c371f98bbb4992af04b250d43e7.exe

  • Size

    47KB

  • MD5

    205de5f1dd2bdb8dccbf138cdb5606b0

  • SHA1

    8057f7e95d26b7a48a35183532333845e6d0002d

  • SHA256

    b29978fbfe57da26d17b903e1bc4704082520c371f98bbb4992af04b250d43e7

  • SHA512

    0f00d3d0dcec66379055e4154395d24c4092f324ca4f867c468bf851005389299cb7d299776ad15ea97d3b1f6b5cc2977c4eb2ae43fd3632218b2c7acd15d588

  • SSDEEP

    768:k67lIqlqeeda+QzZPJaVHGkXNRDcXb0vhkPUofw1gCDHVtZjg7TI7IZT247orZA4:k2lIqMe2eWN1cLmkPUeJCD1DjHCT24e9

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\b29978fbfe57da26d17b903e1bc4704082520c371f98bbb4992af04b250d43e7.exe
    "C:\Users\Admin\AppData\Local\Temp\b29978fbfe57da26d17b903e1bc4704082520c371f98bbb4992af04b250d43e7.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1904
    • C:\Windows\SysWOW64\cmd.exe
      cmd /c delexec.bat
      2⤵
      • Deletes itself
      PID:1912

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\Local\Temp\delexec.bat
          Filesize

          127B

          MD5

          614d98be54d4e79f1e866f1542212824

          SHA1

          cb7eb0c17395ee8ea8b876e93bce2215325c80a9

          SHA256

          283cb4694946b80891b3b3694dac02497770f1f7ba5d424c8216a91541c27390

          SHA512

          b6a25d8a1853bead0b90feeb581102a8811b0ba7339547b095cc52782978beaed096dee429a092d01eeb75a52b4d5fc4d78a9ebfbb88c69e7bf62149bb486673

          Download Submit

        • memory/1904-55-0x0000000000400000-0x0000000000426000-memory.dmp

          Filesize

          152KB

          Download