Overview

overview

7

Static

static

3

40d874d957...JC.exe

windows7-x64

7

40d874d957...JC.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    141s
  • max time network
    133s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230703-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230703-enlocale:en-usos:windows10-2004-x64system
  • submitted
    15/07/2023, 11:50

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    40d874d957f93eexeexe_JC.exe

  • Size

    412KB

  • MD5

    40d874d957f93e26da80e54f3e4489fc

  • SHA1

    a6f63a5676211134821e72e29299c3cc8a355580

  • SHA256

    8946dfb4edeaa415ddbaeaad2f3ab87a471e5620be46d0204886ef86e5bf8ac5

  • SHA512

    612dcc1c336c97e879fb44ddbb31508ba4c8e41138f530d2816e2500e9a268bdf077e2c0720ba345eb7a381387443080316fb217b7b316ac0f52129ca20b2a19

  • SSDEEP

    6144:UooTAQjKG3wDGAeIc9kphIoDZnNnM53ouK9Yg/q1jHVrQLVZsKabZjXDhdZQJmMP:U6PCrIc9kph53UvM3/q1jH5muFVjXW

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\40d874d957f93eexeexe_JC.exe
    "C:\Users\Admin\AppData\Local\Temp\40d874d957f93eexeexe_JC.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2164
    • C:\Users\Admin\AppData\Local\Temp\CC97.tmp
      "C:\Users\Admin\AppData\Local\Temp\CC97.tmp" --pingC:\Users\Admin\AppData\Local\Temp\40d874d957f93eexeexe_JC.exe C3E8D01E10FE624DD4C0269EB23AC92D35424B1D1EC17570B6115EDD8035E01FE81E92BA50DC369F832EA7D10154AEDFE024A33C966FE33921BE4861EA394916
      2⤵
      • Executes dropped EXE
      PID:3012

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\Local\Temp\CC97.tmp
          Filesize

          412KB

          MD5

          9338cdc76ea99e1dc305f337450ebbec

          SHA1

          19b276e5eb8f0ae1b48173ef69f82a281832185e

          SHA256

          a09f50096b924f0eb1008fe4fb91f5f15fa43a12c49097116d399fd82699c5a9

          SHA512

          cf57833ed4ce2c2c650d6948e4037d794a4a015d54c1a6aa1691f7652d51d925eb0f04e55fd1908f122a3ce979c5d121868d08f816714277619b5a9407893ee6

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\CC97.tmp
          Filesize

          412KB

          MD5

          9338cdc76ea99e1dc305f337450ebbec

          SHA1

          19b276e5eb8f0ae1b48173ef69f82a281832185e

          SHA256

          a09f50096b924f0eb1008fe4fb91f5f15fa43a12c49097116d399fd82699c5a9

          SHA512

          cf57833ed4ce2c2c650d6948e4037d794a4a015d54c1a6aa1691f7652d51d925eb0f04e55fd1908f122a3ce979c5d121868d08f816714277619b5a9407893ee6

          Download Submit