Overview

overview

7

Static

static

3

ffc8a5e204...ex.exe

windows7-x64

7

ffc8a5e204...ex.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    147s
  • max time network
    154s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230703-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230703-enlocale:en-usos:windows10-2004-x64system
  • submitted
    11/07/2023, 18:01

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    ffc8a5e204556cexeexeexeex.exe

  • Size

    412KB

  • MD5

    ffc8a5e204556cbb8a4e6d685aa1dec8

  • SHA1

    a0b5bf543c27543e65f1db7ac5c141a72d8a77a1

  • SHA256

    47873e8ff44329f25c44c2d49111e77b97e739a8ef94a5a6e7490fae6f1e9350

  • SHA512

    1be5c659e70561cbd564f1db9a8bc75ab10535146dfa8e15c771b90c43cd30f7357095ecc353f9e67032d08a5313c601d3422bb546eee7b70c489c79a06ab4aa

  • SSDEEP

    12288:U6PCrIc9kph5ulpOh6BoaC6uMs2jYoWsuNx:U6QIcOh5IBoDvM9Y3f

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\ffc8a5e204556cexeexeexeex.exe
    "C:\Users\Admin\AppData\Local\Temp\ffc8a5e204556cexeexeexeex.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2684
    • C:\Users\Admin\AppData\Local\Temp\68AD.tmp
      "C:\Users\Admin\AppData\Local\Temp\68AD.tmp" --pingC:\Users\Admin\AppData\Local\Temp\ffc8a5e204556cexeexeexeex.exe DFA7118A3F9AF4664957AC4337CFBE40B06CA24171BEBD2FD243D32DEFE5768CCE64A323B457E2EB09E24C06F76540A38712AD89AEEF6CC4447EDCDCDE1709CD
      2⤵
      • Executes dropped EXE
      PID:1736

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\68AD.tmp
    Filesize

    412KB

    MD5

    fcebf7df3fb210b88e341606827245e6

    SHA1

    1d6d8ee85dc7cd8c7f6b20f94770a0b6099c8b28

    SHA256

    cb8f1e4552c6c246812acdde81d498cef88f0bb227d861a1919a1ea75fab465e

    SHA512

    c9485faf0744211cca397273435d4ee96424d51ff286801f4e35c4739cf03cfff47ea5263bd7c843898ad99c1795f276217481ef744416d70938a388a8ceb8fb

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\68AD.tmp
    Filesize

    412KB

    MD5

    fcebf7df3fb210b88e341606827245e6

    SHA1

    1d6d8ee85dc7cd8c7f6b20f94770a0b6099c8b28

    SHA256

    cb8f1e4552c6c246812acdde81d498cef88f0bb227d861a1919a1ea75fab465e

    SHA512

    c9485faf0744211cca397273435d4ee96424d51ff286801f4e35c4739cf03cfff47ea5263bd7c843898ad99c1795f276217481ef744416d70938a388a8ceb8fb

    Download Submit