Overview

overview

7

Static

static

3

350daef6f4...JC.exe

windows7-x64

7

350daef6f4...JC.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    133s
  • max time network
    138s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230703-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230703-enlocale:en-usos:windows10-2004-x64system
  • submitted
    15/07/2023, 10:07

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    350daef6f4eec9exeexe_JC.exe

  • Size

    428KB

  • MD5

    350daef6f4eec9db34fd5a9245ebb4dd

  • SHA1

    12667b7b954456bf969d8c4cfadf1c1cb521fada

  • SHA256

    337c15129005d2e297786c6bfd1e6de1719ef8b26eee19a705e0270b514e72fa

  • SHA512

    f6ed74ac2a4961d7657e23ca44761daf00d75fdf21419908917eccced5931539daeb0120ec9082a11bcd5730047a4ebec4ab5be804630dd99696db42cc3280de

  • SSDEEP

    12288:Z594+AcL4tBekiuKzEryr10lw2phLVR2LIUSJrRl:BL4tBekiuVryC+ILV0LIJrR

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\350daef6f4eec9exeexe_JC.exe
    "C:\Users\Admin\AppData\Local\Temp\350daef6f4eec9exeexe_JC.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:3968
    • C:\Users\Admin\AppData\Local\Temp\82EB.tmp
      "C:\Users\Admin\AppData\Local\Temp\82EB.tmp" --helpC:\Users\Admin\AppData\Local\Temp\350daef6f4eec9exeexe_JC.exe B08E392EA47343705DD856D9825949E1DCA58C07742320D9B0A14399CAAA6787F3A327CCFFF51F071C2710810BDBE4E46AD0943E05926898E5AB1BF67E7B7389
      2⤵
      • Executes dropped EXE
      PID:2724

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\Local\Temp\82EB.tmp
          Filesize

          428KB

          MD5

          ef1ac91e3dbba98fdd4915f8031bf2b3

          SHA1

          a221d36e457edd37521d3d273c7b553ddeb48e56

          SHA256

          3739d2254d4a0f24c237133a833d44dbd7a387d2b8c0ca60cf5e338237202e5c

          SHA512

          0808c1615be069144143b583ddb0ca389d59c4ee3390982f89076e24b691aa7e32ef7658d021575210837d389c155f3c4b752d645d14f8397e022a9d7d83a2f1

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\82EB.tmp
          Filesize

          428KB

          MD5

          ef1ac91e3dbba98fdd4915f8031bf2b3

          SHA1

          a221d36e457edd37521d3d273c7b553ddeb48e56

          SHA256

          3739d2254d4a0f24c237133a833d44dbd7a387d2b8c0ca60cf5e338237202e5c

          SHA512

          0808c1615be069144143b583ddb0ca389d59c4ee3390982f89076e24b691aa7e32ef7658d021575210837d389c155f3c4b752d645d14f8397e022a9d7d83a2f1

          Download Submit