Overview

overview

7

Static

static

3

40d874d957...JC.exe

windows7-x64

7

40d874d957...JC.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    117s
  • max time network
    120s
  • platform
    windows7_x64
  • resource
    win7-20230712-en
  • resource tags

    arch:x64arch:x86image:win7-20230712-enlocale:en-usos:windows7-x64system
  • submitted
    15/07/2023, 11:50

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    40d874d957f93eexeexe_JC.exe

  • Size

    412KB

  • MD5

    40d874d957f93e26da80e54f3e4489fc

  • SHA1

    a6f63a5676211134821e72e29299c3cc8a355580

  • SHA256

    8946dfb4edeaa415ddbaeaad2f3ab87a471e5620be46d0204886ef86e5bf8ac5

  • SHA512

    612dcc1c336c97e879fb44ddbb31508ba4c8e41138f530d2816e2500e9a268bdf077e2c0720ba345eb7a381387443080316fb217b7b316ac0f52129ca20b2a19

  • SSDEEP

    6144:UooTAQjKG3wDGAeIc9kphIoDZnNnM53ouK9Yg/q1jHVrQLVZsKabZjXDhdZQJmMP:U6PCrIc9kph53UvM3/q1jH5muFVjXW

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\40d874d957f93eexeexe_JC.exe
    "C:\Users\Admin\AppData\Local\Temp\40d874d957f93eexeexe_JC.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of WriteProcessMemory
    PID:2080
    • C:\Users\Admin\AppData\Local\Temp\BE5F.tmp
      "C:\Users\Admin\AppData\Local\Temp\BE5F.tmp" --pingC:\Users\Admin\AppData\Local\Temp\40d874d957f93eexeexe_JC.exe F9C52B92FE055BD904F737ADA4A65F928C03046ABF11F09935ADB6710235C8A5AC3F1FD7E8D1D21CFB8A614AB4263C3D14A5D696013B94F005FD23F36EEF80BD
      2⤵
      • Deletes itself
      • Executes dropped EXE
      PID:2224

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\BE5F.tmp
    Filesize

    412KB

    MD5

    64f815aa38398c09a3d8d1e66414c4de

    SHA1

    be5ccd86dc37f183349c89b82c4a97a8fa697483

    SHA256

    129e43957af2b391085c4d3e9a0029eecb1c3a22cef99446abe622c2adf4e897

    SHA512

    c8c196ec06312b3c976ec1c0201f5a98e539cdcf0cd0642dbd5d79542d679a74bead9add04190047aa894abd095b97f8c03ea232bf1c9897cae9c89c1c374443

    Download Submit

  • \Users\Admin\AppData\Local\Temp\BE5F.tmp
    Filesize

    412KB

    MD5

    64f815aa38398c09a3d8d1e66414c4de

    SHA1

    be5ccd86dc37f183349c89b82c4a97a8fa697483

    SHA256

    129e43957af2b391085c4d3e9a0029eecb1c3a22cef99446abe622c2adf4e897

    SHA512

    c8c196ec06312b3c976ec1c0201f5a98e539cdcf0cd0642dbd5d79542d679a74bead9add04190047aa894abd095b97f8c03ea232bf1c9897cae9c89c1c374443

    Download Submit