Overview

overview

7

Static

static

3

9a3aaa34933b87_JC.exe

windows7-x64

7

9a3aaa34933b87_JC.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    120s
  • max time network
    124s
  • platform
    windows7_x64
  • resource
    win7-20230712-en
  • resource tags

    arch:x64arch:x86image:win7-20230712-enlocale:en-usos:windows7-x64system
  • submitted
    17/07/2023, 17:01

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    9a3aaa34933b87_JC.exe

  • Size

    412KB

  • MD5

    9a3aaa34933b879c414ea53b274ac0ce

  • SHA1

    8bc6d50c5f5aac7717df64d4cdb8316527f6c6e2

  • SHA256

    795b53c607fc70984dc038c909f9aa51773fd2ba31cad1386d2bb5a2023b3127

  • SHA512

    2e81a99793131dfb92a87b661e82b31e1427ccd05e287aff786fac15ab60f05c95e2e20c8c1942308fcfd14f3d979567ba3af2df9dbb8538d000a34016864b13

  • SSDEEP

    6144:UooTAQjKG3wDGAeIc9kphIoDZnj+ZUOGlKSkerrVRQ4N1g2d7zY1w5gnnL4KuP:U6PCrIc9kph5gZGLRnpewinnL4K+

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\9a3aaa34933b87_JC.exe
    "C:\Users\Admin\AppData\Local\Temp\9a3aaa34933b87_JC.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of WriteProcessMemory
    PID:2132
    • C:\Users\Admin\AppData\Local\Temp\B7DA.tmp
      "C:\Users\Admin\AppData\Local\Temp\B7DA.tmp" --pingC:\Users\Admin\AppData\Local\Temp\9a3aaa34933b87_JC.exe 9CC8016F72D5E9D6005DCC9791E8C85237323ACDBFC1EEA52D84B47164BC6EE4AE38EE03FD23F94A048ACC9B1154638894FC2CDA86F3DBA68F0289FA6B72C5AE
      2⤵
      • Deletes itself
      • Executes dropped EXE
      PID:1528

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\Local\Temp\B7DA.tmp
          Filesize

          412KB

          MD5

          5063e6c781c8551b1ebec6977f03d4fc

          SHA1

          4e842ddd11e1973d9a9bfb5ed7907b7ec2906699

          SHA256

          f11de8b89dfb98ef420d982544f5a75afeeebabb0f15f6efec62e7644748a37b

          SHA512

          8ce0335de2ea4b5435aa2bdcd6cda886b62bea3df6dadc93a961a04156e6c2162f26e6b7ed4d7de9edcdc32891d687c35749a72874ba93ab0213d8d28fd682cc

          Download Submit

        • \Users\Admin\AppData\Local\Temp\B7DA.tmp
          Filesize

          412KB

          MD5

          5063e6c781c8551b1ebec6977f03d4fc

          SHA1

          4e842ddd11e1973d9a9bfb5ed7907b7ec2906699

          SHA256

          f11de8b89dfb98ef420d982544f5a75afeeebabb0f15f6efec62e7644748a37b

          SHA512

          8ce0335de2ea4b5435aa2bdcd6cda886b62bea3df6dadc93a961a04156e6c2162f26e6b7ed4d7de9edcdc32891d687c35749a72874ba93ab0213d8d28fd682cc

          Download Submit