Overview

overview

7

Static

static

3

4effbe5669...JC.exe

windows7-x64

7

4effbe5669...JC.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    118s
  • max time network
    121s
  • platform
    windows7_x64
  • resource
    win7-20230712-en
  • resource tags

    arch:x64arch:x86image:win7-20230712-enlocale:en-usos:windows7-x64system
  • submitted
    15/07/2023, 13:50

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    4effbe56693765exeexe_JC.exe

  • Size

    412KB

  • MD5

    4effbe566937653e55df77cb371d95c8

  • SHA1

    d5e5fa71ee8c10e1deb9ba455a77c94932ff7e77

  • SHA256

    e59f3e5458d5103235138a20cea7ffe509486ff208ad383cdf6ded35068559d4

  • SHA512

    1674e3f8039ed24bd79f66f0bda2fb2ece2f90f7277ecd3fccc18a373bf6c410dee816cdb453a3dad69b4edbf3856d529e7d1e85a4d3d45ba2b4f09dd78479d0

  • SSDEEP

    6144:UooTAQjKG3wDGAeIc9kphIoDZnk+hiA1FVYLEF7y4j6oXTm5IkaP:U6PCrIc9kph5RjPiE5Tj6oXTm5In

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\4effbe56693765exeexe_JC.exe
    "C:\Users\Admin\AppData\Local\Temp\4effbe56693765exeexe_JC.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of WriteProcessMemory
    PID:2472
    • C:\Users\Admin\AppData\Local\Temp\7A1F.tmp
      "C:\Users\Admin\AppData\Local\Temp\7A1F.tmp" --pingC:\Users\Admin\AppData\Local\Temp\4effbe56693765exeexe_JC.exe C4B55B5F2E550A48FE95C6F304D5142C9A275A963CE124195ABFA442C15311D76641C827A5515A64D3405B30C2FEB41CC303C6D3FD65609AA211C8C0A119D2B9
      2⤵
      • Deletes itself
      • Executes dropped EXE
      PID:2336

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\Local\Temp\7A1F.tmp
          Filesize

          412KB

          MD5

          551416c42d6ab848684b621fe95de20f

          SHA1

          e848014936ba6bce3dc7d389e09a1a852f7a2805

          SHA256

          da8c84f9fe662aa21e645fc353e38aa13abfde6e6730c5f3dbf906ac48b5e5f2

          SHA512

          c5d59f6ea8bc08395332778adc420abe85b3e4d3e077e81ebe2e4446f9ceb35a3a57d7bbd271b7b874c260f191e8324499d5d6d2303a2ffe188fced615028fa4

          Download Submit

        • \Users\Admin\AppData\Local\Temp\7A1F.tmp
          Filesize

          412KB

          MD5

          551416c42d6ab848684b621fe95de20f

          SHA1

          e848014936ba6bce3dc7d389e09a1a852f7a2805

          SHA256

          da8c84f9fe662aa21e645fc353e38aa13abfde6e6730c5f3dbf906ac48b5e5f2

          SHA512

          c5d59f6ea8bc08395332778adc420abe85b3e4d3e077e81ebe2e4446f9ceb35a3a57d7bbd271b7b874c260f191e8324499d5d6d2303a2ffe188fced615028fa4

          Download Submit