Overview

overview

7

Static

static

3

53eea8664d...da.exe

windows7-x64

7

53eea8664d...da.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    152s
  • max time network
    147s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230703-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230703-enlocale:en-usos:windows10-2004-x64system
  • submitted
    18/07/2023, 01:39

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    53eea8664d54198e1989301b12f795da.exe

  • Size

    112.3MB

  • MD5

    53eea8664d54198e1989301b12f795da

  • SHA1

    00bddca8bba387a76d6f18fc942859acf9ff5a60

  • SHA256

    a7c997ba3c3e91c048f80f96f08754948428f6d3fe4001bab79c4ae09d06c5e0

  • SHA512

    e05bd2e369b19b818f715a14ceb2c35b2f8409e5524d347d3093ef82667675bf719af17ab77412156aa62748aa17572d622b163bb6d187d917282f49e56ff831

  • SSDEEP

    3145728:kNS0yY1k/bQS8yJQZI3XeKBPKi2O3hE4AGzUVeQgnFV:koqcQ+3XHD2OxEfPQQgnFV

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\53eea8664d54198e1989301b12f795da.exe
    "C:\Users\Admin\AppData\Local\Temp\53eea8664d54198e1989301b12f795da.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:5080
    • C:\Users\Admin\AppData\Local\Temp\is-SO9PU.tmp\53eea8664d54198e1989301b12f795da.tmp
      "C:\Users\Admin\AppData\Local\Temp\is-SO9PU.tmp\53eea8664d54198e1989301b12f795da.tmp" /SL5="$5011C,115841256,1202688,C:\Users\Admin\AppData\Local\Temp\53eea8664d54198e1989301b12f795da.exe"
      2⤵
      • Executes dropped EXE
      PID:4004

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\Local\Temp\is-SO9PU.tmp\53eea8664d54198e1989301b12f795da.tmp
          Filesize

          3.4MB

          MD5

          07b96c2d1823a0a548832c1062799d85

          SHA1

          65a35826b0e6d93700256fd8a4710cc039bd7b8d

          SHA256

          c5ba29e4c82fca9adfcd3a6b60b3bf786abe7178928f80cb60eca3564e35b3de

          SHA512

          abf2ba63976bd6622f3a1cda816c8f2267b59c079d6092ff60e7f52be893a993e3b457a174092c74056628e9694fa9efc8d823d14b4d658a9eb59c622d992f65

          Download Submit

        • memory/4004-139-0x0000000002880000-0x0000000002881000-memory.dmp

          Filesize

          4KB

          Download

        • memory/4004-142-0x0000000000400000-0x0000000000776000-memory.dmp

          Filesize

          3.5MB

          Download

        • memory/4004-143-0x0000000002880000-0x0000000002881000-memory.dmp

          Filesize

          4KB

          Download

        • memory/5080-134-0x0000000000400000-0x0000000000533000-memory.dmp

          Filesize

          1.2MB

          Download

        • memory/5080-141-0x0000000000400000-0x0000000000533000-memory.dmp

          Filesize

          1.2MB

          Download