Overview

overview

7

Static

static

3

4979ff3975...JC.exe

windows7-x64

7

4979ff3975...JC.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    123s
  • max time network
    127s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230703-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230703-enlocale:en-usos:windows10-2004-x64system
  • submitted
    15-07-2023 13:05

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    4979ff3975c587exeexe_JC.exe

  • Size

    412KB

  • MD5

    4979ff3975c587e23be1c0bcd423d8fc

  • SHA1

    547bc749e3777d2a1a05358b5d0cfbcc16be2f48

  • SHA256

    cf2df07af095cd59ae8bbc6364ef25d6c8e5b983cbc22642a2ee8d7bbbd0abb2

  • SHA512

    5881f0afc5c69931d9e0a364e46b17a596794a9309747f5a382488c0804efd29ba18872c4a49bfa6c09b0b380e3c0ef8fc016de321a2a1c2f0aba4ea72eb1ffb

  • SSDEEP

    6144:UooTAQjKG3wDGAeIc9kphIoDZn27eq+TJv60zRxPV+k0tDMGYtx4Lm/NiP:U6PCrIc9kph5U7pQZzRxPKwGxL

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\4979ff3975c587exeexe_JC.exe
    "C:\Users\Admin\AppData\Local\Temp\4979ff3975c587exeexe_JC.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:4224
    • C:\Users\Admin\AppData\Local\Temp\B15E.tmp
      "C:\Users\Admin\AppData\Local\Temp\B15E.tmp" --pingC:\Users\Admin\AppData\Local\Temp\4979ff3975c587exeexe_JC.exe 09CBF5FC761190B17139A7AF6ECDCAC0B57F368B2C5B930A3AF969CF7030E39F8DA7EC93452A6F007C05C3FC38816E2F4074B0F8CD639EEBDD6E9E9912047B7A
      2⤵
      • Executes dropped EXE
      PID:4188

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\B15E.tmp
    Filesize

    412KB

    MD5

    34d9f67db1fd227cdb80858d83de0d22

    SHA1

    0f376cdca0437f729520f010046567c0ae161e41

    SHA256

    060ee09d02e95a49ce7af5f9247d312163ebe189964e8fbf1a4755998ff6893c

    SHA512

    7a77ee4463d6045433b78e06d59d27d54e74d67661d92bd8a04eb34d0f3161437dc9dbf29c8b7bd63fb951122afd3c201086cf90e550436577c4445a5984cc40

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\B15E.tmp
    Filesize

    412KB

    MD5

    34d9f67db1fd227cdb80858d83de0d22

    SHA1

    0f376cdca0437f729520f010046567c0ae161e41

    SHA256

    060ee09d02e95a49ce7af5f9247d312163ebe189964e8fbf1a4755998ff6893c

    SHA512

    7a77ee4463d6045433b78e06d59d27d54e74d67661d92bd8a04eb34d0f3161437dc9dbf29c8b7bd63fb951122afd3c201086cf90e550436577c4445a5984cc40

    Download Submit