Overview

overview

7

Static

static

1

fcef12ac4e...1b.exe

windows7-x64

7

fcef12ac4e...1b.exe

windows10-2004-x64

7

Resubmissions

31/05/2023, 06:45

230531-hjcqrsdd27 7

31/05/2023, 06:26

230531-g66fxsdf7x 7

Analysis

  • max time kernel
    141s
  • max time network
    153s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230220-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230220-enlocale:en-usos:windows10-2004-x64system
  • submitted
    31/05/2023, 06:26

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    fcef12ac4e82d856217869a653f9111b.exe

  • Size

    3.5MB

  • MD5

    fcef12ac4e82d856217869a653f9111b

  • SHA1

    bab2a2acced0740bac91c583a278607abea8026d

  • SHA256

    4487e0212607e1706cafbba9a3677639e617e4adca43be990e3cae452c6737f8

  • SHA512

    9ac7d80988a0b9e63b6586ad9a668e7826dbfd75c750152b419498c848415e5cbfc02cf8ff41d59a063d28af3822631619d013b63dd0e8b4c1623a75151851b6

  • SSDEEP

    98304:yWbuoB9dw/FXssu+Ioafu0g+M8DchaKabn:yaHB99sdIoAM8Dusbn

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\fcef12ac4e82d856217869a653f9111b.exe
    "C:\Users\Admin\AppData\Local\Temp\fcef12ac4e82d856217869a653f9111b.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2232
    • C:\Users\Admin\AppData\Local\Temp\is-IIKDE.tmp\fcef12ac4e82d856217869a653f9111b.tmp
      "C:\Users\Admin\AppData\Local\Temp\is-IIKDE.tmp\fcef12ac4e82d856217869a653f9111b.tmp" /SL5="$D0038,3165252,118784,C:\Users\Admin\AppData\Local\Temp\fcef12ac4e82d856217869a653f9111b.exe"
      2⤵
      • Executes dropped EXE
      PID:1896

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\Local\Temp\is-IIKDE.tmp\fcef12ac4e82d856217869a653f9111b.tmp
          Filesize

          1.1MB

          MD5

          3c59eac7bf74d8f60751a3f536f019b3

          SHA1

          b6826c364e44c3d44d6040055bf22878b3ca9092

          SHA256

          e4a51f8f8f663ae8646c1defb10fb628864fa25b130bdcb4d8a4bc0278ac57d2

          SHA512

          74e92af6852d08accb429fbafca5af2c04cfcfad2020f8722cf8603125ca9151b131aacb2689ee8878b5315efc2f4201dc7cb2103010af383195481107e1901a

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\is-IIKDE.tmp\fcef12ac4e82d856217869a653f9111b.tmp
          Filesize

          1.1MB

          MD5

          3c59eac7bf74d8f60751a3f536f019b3

          SHA1

          b6826c364e44c3d44d6040055bf22878b3ca9092

          SHA256

          e4a51f8f8f663ae8646c1defb10fb628864fa25b130bdcb4d8a4bc0278ac57d2

          SHA512

          74e92af6852d08accb429fbafca5af2c04cfcfad2020f8722cf8603125ca9151b131aacb2689ee8878b5315efc2f4201dc7cb2103010af383195481107e1901a

          Download Submit

        • memory/1896-139-0x00000000022C0000-0x00000000022C1000-memory.dmp

          Filesize

          4KB

          Download

        • memory/1896-145-0x0000000000400000-0x000000000052B000-memory.dmp

          Filesize

          1.2MB

          Download

        • memory/1896-146-0x00000000022C0000-0x00000000022C1000-memory.dmp

          Filesize

          4KB

          Download

        • memory/2232-133-0x0000000000400000-0x0000000000427000-memory.dmp

          Filesize

          156KB

          Download

        • memory/2232-144-0x0000000000400000-0x0000000000427000-memory.dmp

          Filesize

          156KB

          Download