Overview

overview

7

Static

static

3

1ce55bc502...ex.exe

windows7-x64

7

1ce55bc502...ex.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    3s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230703-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230703-enlocale:en-usos:windows10-2004-x64system
  • submitted
    05-07-2023 18:36

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    1ce55bc50251f1exeexeexeex.exe

  • Size

    428KB

  • MD5

    1ce55bc50251f145d64f8748c9154035

  • SHA1

    3a93bfc5b857023084b71969395e1529f4fb8050

  • SHA256

    fa192bc0547b607eb3004ca5cf5bbb30322f2b44ef5745b21d25a6addafa8ccf

  • SHA512

    ad2fc05b5a63002f7fdd23adf0264053dcbdf9c00702e5e09bbb98265bfcdcdd9328ada963ed1ea498aaec70b27830cac9f1adecd7c60f680216196b69dec38c

  • SSDEEP

    12288:Z594+AcL4tBekiuKzEr2f5g4ZFMd5KHqCfa7sXl:BL4tBekiuVrw5DXCUYsX

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\1ce55bc50251f1exeexeexeex.exe
    "C:\Users\Admin\AppData\Local\Temp\1ce55bc50251f1exeexeexeex.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:4356
    • C:\Users\Admin\AppData\Local\Temp\75FB.tmp
      "C:\Users\Admin\AppData\Local\Temp\75FB.tmp" --helpC:\Users\Admin\AppData\Local\Temp\1ce55bc50251f1exeexeexeex.exe 9990DFA38657962B283B71346DCB466CE94AEC6DD308AFCE853BC164A48CFDCA42EB5A32FA144523C835F7A234A6F97640839756F369EBF425445FDB0F7F88C7
      2⤵
      • Executes dropped EXE
      PID:4608

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\75FB.tmp
    Filesize

    428KB

    MD5

    7d73bf26cc26089e6ef68be474e1ccea

    SHA1

    5f4aeffc6bc48eb61dbc75d26076828ed1261568

    SHA256

    d73cdc3667e41550636bae07d46a341bc107f20ae78bdaf833e9b66c7f5a9a6e

    SHA512

    4db52c7437802526fff56fefcc57ed6e7e6c470a084373e50b5bed63072cacc334ed1aef55b18625f901501edd0bbc44dfc4bd0d232c2c33209a83817d663fea

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\75FB.tmp
    Filesize

    428KB

    MD5

    7d73bf26cc26089e6ef68be474e1ccea

    SHA1

    5f4aeffc6bc48eb61dbc75d26076828ed1261568

    SHA256

    d73cdc3667e41550636bae07d46a341bc107f20ae78bdaf833e9b66c7f5a9a6e

    SHA512

    4db52c7437802526fff56fefcc57ed6e7e6c470a084373e50b5bed63072cacc334ed1aef55b18625f901501edd0bbc44dfc4bd0d232c2c33209a83817d663fea

    Download Submit