Overview

overview

7

Static

static

3

589e0c1c3e20eb_JC.exe

windows7-x64

7

589e0c1c3e20eb_JC.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    143s
  • max time network
    148s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230703-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230703-enlocale:en-usos:windows10-2004-x64system
  • submitted
    16/07/2023, 08:14

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    589e0c1c3e20eb_JC.exe

  • Size

    414KB

  • MD5

    589e0c1c3e20eb5103fdd80f9ec8638a

  • SHA1

    26b212cbb0485c167807ddc3bd08bb2f48fb073a

  • SHA256

    a60dfa8fa646b9a1b5c39211742b42cd1e70fa2c41d5f680f17e9048a6825ccf

  • SHA512

    24bf76e8e6bb167c53ecacb36f3f2f4a3ab9aa8b199c66aa37e48504aa61cfa9c9c826e81462d475035a94b37c15802a4066f05c8c4a9d0c8ae1f5a4a3602fb1

  • SSDEEP

    12288:Wq4w/ekieZgU6tCVo4ZiKU12msVit9OaZllx:Wq4w/ekieH6tCiKE29wr

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\589e0c1c3e20eb_JC.exe
    "C:\Users\Admin\AppData\Local\Temp\589e0c1c3e20eb_JC.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:3424
    • C:\Users\Admin\AppData\Local\Temp\7ABE.tmp
      "C:\Users\Admin\AppData\Local\Temp\7ABE.tmp" --helpC:\Users\Admin\AppData\Local\Temp\589e0c1c3e20eb_JC.exe 3945840BDF653341288ECF5694E441255F772C71CCEE8AF17CA3ECD0660BE8ABFB0BBA09E6B5E231CDFE6BEFD7529E71F9C452191AAC0FAEABA611C9AC869AD6
      2⤵
      • Executes dropped EXE
      PID:4948

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\7ABE.tmp
    Filesize

    414KB

    MD5

    906135d3ed3ba757ee53a5e13b764e9b

    SHA1

    50eee35d21d245a650083d4a175a582768d28f2d

    SHA256

    6b6101000512caef87b0087f98975ed135ce5df74827648c74862815ff295b3e

    SHA512

    a0768f993ca19bb7387a4973c8d950e52ee16f67db1fbe0faf1549d85aace1a97198858ca51718d9a2cdaba91e52c92ecb391e8d59a7c43ab91aca4f19223d2e

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\7ABE.tmp
    Filesize

    414KB

    MD5

    906135d3ed3ba757ee53a5e13b764e9b

    SHA1

    50eee35d21d245a650083d4a175a582768d28f2d

    SHA256

    6b6101000512caef87b0087f98975ed135ce5df74827648c74862815ff295b3e

    SHA512

    a0768f993ca19bb7387a4973c8d950e52ee16f67db1fbe0faf1549d85aace1a97198858ca51718d9a2cdaba91e52c92ecb391e8d59a7c43ab91aca4f19223d2e

    Download Submit