Overview

overview

7

Static

static

3

24f7098738...94.exe

windows7-x64

7

24f7098738...94.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    138s
  • max time network
    148s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230220-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230220-enlocale:en-usos:windows10-2004-x64system
  • submitted
    18/05/2023, 13:50

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    24f7098738543695b763af294506e2b125f6a61c4cd65544a7fcab82c8626d94.exe

  • Size

    4.7MB

  • MD5

    57b80aa06ecec6145b85ceff5968c0ad

  • SHA1

    550b28e6dad55d295551c59b449d8235b8c9ab32

  • SHA256

    24f7098738543695b763af294506e2b125f6a61c4cd65544a7fcab82c8626d94

  • SHA512

    adca4cf16de99a9baf8165c32f7051c6265fc177969b9430c197ab8aa11a85ec0175fb3ee3853bffc16593945a78c778aab8b7f05d8dc3ff49304fa72fddd648

  • SSDEEP

    49152:teASneYc/pVLS83sepipClDiAvIn//fb1h3BqUquM6CO6tCs6VHNN9:5c+o1h3TAfCtHN

Score
7/10
persistence

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Adds Run key to start application 2 TTPs 2 IoCs
    persistence
  • Suspicious use of WriteProcessMemory 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\24f7098738543695b763af294506e2b125f6a61c4cd65544a7fcab82c8626d94.exe
    "C:\Users\Admin\AppData\Local\Temp\24f7098738543695b763af294506e2b125f6a61c4cd65544a7fcab82c8626d94.exe"
    1⤵
    • Adds Run key to start application
    • Suspicious use of WriteProcessMemory
    PID:4964
    • C:\ProgramData\SoftwareDistributionMozilla-1de4eec8-1241-4177-a864-e594e8d1fb38-ver5.8.5.2\SoftwareDistributionMozilla-1de4eec8-1241-4177-a864-e594e8d1fb38-ver5.8.5.2.exe
      C:\ProgramData\SoftwareDistributionMozilla-1de4eec8-1241-4177-a864-e594e8d1fb38-ver5.8.5.2\SoftwareDistributionMozilla-1de4eec8-1241-4177-a864-e594e8d1fb38-ver5.8.5.2.exe
      2⤵
      • Executes dropped EXE
      PID:1692

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\ProgramData\SoftwareDistributionMozilla-1de4eec8-1241-4177-a864-e594e8d1fb38-ver5.8.5.2\SoftwareDistributionMozilla-1de4eec8-1241-4177-a864-e594e8d1fb38-ver5.8.5.2.exe
    Filesize

    19.4MB

    MD5

    835d13818af0bcefb5c96a14836f104f

    SHA1

    95924c9d89d0ff972cfd345f02ee285c239818b6

    SHA256

    50cf9eb81aea74a20f85724988a757bffa0840243085b2885f2d58eced19a6fb

    SHA512

    af420222e111ac1b3d4c774fb750ef66574627fad6a579d58ac30d2e5711d108369ab91a0c719ce1d35d7d26f8f3d6bf8b8def90ba465c1db0db01328f841224

    Download Submit

  • C:\ProgramData\SoftwareDistributionMozilla-1de4eec8-1241-4177-a864-e594e8d1fb38-ver5.8.5.2\SoftwareDistributionMozilla-1de4eec8-1241-4177-a864-e594e8d1fb38-ver5.8.5.2.exe
    Filesize

    19.3MB

    MD5

    4defef1d88977c7c1df257ea71160725

    SHA1

    969a2dfd2979332d453d03b1cc4a08a13eeb0003

    SHA256

    442d7b0454c8527a18bb97e86a0e06f8b79271ca19c3ddb3d4ef4dc6552564cf

    SHA512

    35e4afc6c63cf25aee57118c4fa4841be6c134074bf9d976f7f1146f6700cc902e1a88f45738a4eafb4a86fc254eb6e5bdae3ed969a4ce9c80191bd63c83307b

    Download Submit