Overview

overview

7

Static

static

3

6e0036fdbc...ex.exe

windows7-x64

7

6e0036fdbc...ex.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    143s
  • max time network
    154s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230703-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230703-enlocale:en-usos:windows10-2004-x64system
  • submitted
    08/07/2023, 10:21

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    6e0036fdbc716aexeexeexeex.exe

  • Size

    428KB

  • MD5

    6e0036fdbc716aebdb4572f9bba83a7c

  • SHA1

    a34a849420ae94ef57b745d870ebdb2f9f0a7112

  • SHA256

    37acd35b1b2b9e43ac9ebf37deb96d975cbbb1b42fc85ee5f39f5f82939cb7e3

  • SHA512

    d59c1e57d28a392497bbd21f0e06e20897a83b24305d9b4bf5b510ae4791e57c8f449dc710f29accf597c71a1f5a12a9fda78bedcb50d349bec7f5bd67a156cb

  • SSDEEP

    12288:Z594+AcL4tBekiuKzErttU0fzxCiKmwWoiclK9ol:BL4tBekiuVr5r/KmwWOKq

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\6e0036fdbc716aexeexeexeex.exe
    "C:\Users\Admin\AppData\Local\Temp\6e0036fdbc716aexeexeexeex.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2616
    • C:\Users\Admin\AppData\Local\Temp\612B.tmp
      "C:\Users\Admin\AppData\Local\Temp\612B.tmp" --helpC:\Users\Admin\AppData\Local\Temp\6e0036fdbc716aexeexeexeex.exe A8B584D379F433BB15D6495E78CA809ABD6B68AE8980A2E1F745FAEE51B9B5ADCECE63D98704FCAA3652CA591AA5888E7AA241B41D649B1E40BB19173EDCC9ED
      2⤵
      • Executes dropped EXE
      PID:3224

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\Local\Temp\612B.tmp
          Filesize

          428KB

          MD5

          606024bb95f663faa56a4c26370ff5f3

          SHA1

          f2f36f104a470861689567f5e0b2bd014d578b59

          SHA256

          51df9b86a8dc27cb659857e59bfa6433749f5ad987d4cac2f26c479b389349b8

          SHA512

          d82ae93479e76d296b5999bd0699dcb5e5882adca089bee17e7c4dd671c710874a6c95c4d26cdf1a2dcba679983f82d65b32f8ffdc07f83199a16f038c44e8de

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\612B.tmp
          Filesize

          428KB

          MD5

          606024bb95f663faa56a4c26370ff5f3

          SHA1

          f2f36f104a470861689567f5e0b2bd014d578b59

          SHA256

          51df9b86a8dc27cb659857e59bfa6433749f5ad987d4cac2f26c479b389349b8

          SHA512

          d82ae93479e76d296b5999bd0699dcb5e5882adca089bee17e7c4dd671c710874a6c95c4d26cdf1a2dcba679983f82d65b32f8ffdc07f83199a16f038c44e8de

          Download Submit