Overview

overview

7

Static

static

3

e596518baa...JC.exe

windows7-x64

7

e596518baa...JC.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    142s
  • max time network
    148s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230703-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230703-enlocale:en-usos:windows10-2004-x64system
  • submitted
    19/07/2023, 13:01

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    e596518baa4d62exe_JC.exe

  • Size

    428KB

  • MD5

    e596518baa4d6241ac5ccfb57e14c77e

  • SHA1

    26b7fa1dac2f6dd36b5626ea7c1eb5dce824e615

  • SHA256

    323cfba7d18ed99fd81f5a8de23abe2d46c1883bb1c5cccbfeda1dace7284890

  • SHA512

    62b00623c82069bc878f66f75c3c8f98c000c26fe85046d0f4b0956793b3f5e3b79dd1cce16645ed525d481625a49124f8813e42d1b1a7d7ef3a946085162849

  • SSDEEP

    12288:Z594+AcL4tBekiuKzErIstPjhrO5JHL+9ne/GQ3VGwDGul:BL4tBekiuVrIYhC5JL2Y4wDGu

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\e596518baa4d62exe_JC.exe
    "C:\Users\Admin\AppData\Local\Temp\e596518baa4d62exe_JC.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1920
    • C:\Users\Admin\AppData\Local\Temp\882B.tmp
      "C:\Users\Admin\AppData\Local\Temp\882B.tmp" --helpC:\Users\Admin\AppData\Local\Temp\e596518baa4d62exe_JC.exe 5D3FD0F911B924CB647315A1D370BCDA33F5CA4B757B791139E97C9C51537DF0CFFB9F99E7C7076171C4708D72EF0B07F154005A9ECE92478BBB867108DC9B15
      2⤵
      • Executes dropped EXE
      PID:1612

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\Local\Temp\882B.tmp
          Filesize

          428KB

          MD5

          c5cc4da3c9db7c5d128025dddd688711

          SHA1

          ee3f95a2d9940a8eea14b7f5ee7c8073bf9dd159

          SHA256

          94147efffc087d4cbb4d6079c8695b5c1607cfd7c467355a7c1c1d401f9c8d38

          SHA512

          d6e86794878464a76673ec4c57832842bb0f747c9458985672b32255b3f282a723feb1f497ec00a33a2b7e609647d2335bad101048292a0f7a6a913549143367

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\882B.tmp
          Filesize

          428KB

          MD5

          c5cc4da3c9db7c5d128025dddd688711

          SHA1

          ee3f95a2d9940a8eea14b7f5ee7c8073bf9dd159

          SHA256

          94147efffc087d4cbb4d6079c8695b5c1607cfd7c467355a7c1c1d401f9c8d38

          SHA512

          d6e86794878464a76673ec4c57832842bb0f747c9458985672b32255b3f282a723feb1f497ec00a33a2b7e609647d2335bad101048292a0f7a6a913549143367

          Download Submit