Analysis

  • max time kernel
    189s
  • max time network
    195s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220812-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20220812-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    06-12-2022 12:41

General

  • Target

    c26a7e16bd62983a71d78d26fc2d05e29894e65b5d98bbfc5d6437a91496b716.exe

  • Size

    11KB

  • MD5

    cdc4b5c97d14bcc546697a1235392d66

  • SHA1

    c0fd2be763e485bbce29c6d3e7c47e81ae5a4ca7

  • SHA256

    c26a7e16bd62983a71d78d26fc2d05e29894e65b5d98bbfc5d6437a91496b716

  • SHA512

    abaa513a3a1fa34df92f14683178b722718275a625fd3f796234e4f68ff5559e5fa4c414f1f10315f09f3096c9672301f7107e5071b2dc9a8f2786d88560fdf5

  • SSDEEP

    192:Gn0u0RgmKksj4esZxDORcsPGCCO5aNdPuvuuE8NUoyExYMikE6C0fhWxAWn83:WA1HLe+xDORcAGCCSmOE5CxYMM6CSWxC

Score
4/10

Malware Config

Signatures

  • Drops file in Windows directory 1 IoCs
  • Runs ping.exe 1 TTPs 1 IoCs
  • Suspicious use of WriteProcessMemory 6 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\c26a7e16bd62983a71d78d26fc2d05e29894e65b5d98bbfc5d6437a91496b716.exe
    "C:\Users\Admin\AppData\Local\Temp\c26a7e16bd62983a71d78d26fc2d05e29894e65b5d98bbfc5d6437a91496b716.exe"
    1⤵
    • Drops file in Windows directory
    • Suspicious use of WriteProcessMemory
    PID:4940
    • C:\Windows\SysWOW64\cmd.exe
      C:\Windows\system32\cmd.exe /c del.bat
      2⤵
      • Suspicious use of WriteProcessMemory
      PID:1028
      • C:\Windows\SysWOW64\PING.EXE
        ping xcc
        3⤵
        • Runs ping.exe
        PID:2496

Network

MITRE ATT&CK Enterprise v6

Downloads

  • C:\Users\Admin\AppData\Local\Temp\del.bat

    Filesize

    200B

    MD5

    6775542f33fb88f197f92ccbc6301030

    SHA1

    6648d29a8a971d9b3f530b261e48186151b06232

    SHA256

    200cba73753b0305fe238061917bad4acab9623fe8e7b9b0b3987b7c44336b32

    SHA512

    4343d990d83b4021a84fcaa5f8c99ebedd2ac8cfa93717c871e65a418004cbbea579c01ed22a8b275682a928ce78557b140a69278963e80717c8a129b2f4120a