Analysis

  • max time kernel
    122s
  • max time network
    152s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • resource tags

    arch:x64, arch:x86, image:win7-20230831-en, locale:en-us, os:windows7-x64, system
  • submitted
    10-10-2023 21:22

General

  • Target

    0480fda2a525b12d9790ede718da1030_JC.exe

  • Size

    909KB

  • MD5

    0480fda2a525b12d9790ede718da1030

  • SHA1

    1391760fb6316ed5d37774cca221c6754d5af304

  • SHA256

    c83664c972a567ad20900c5557a706bf65601d7d518edf0e7d90943b01f804e8

  • SHA512

    cd48ab8d41cf3d707e8def6c5f27c60d167ff8d6af9b24d916332428cce753138dcb18d4386e561e3ebbd1df9fa635a99ad211a1343e713b5a0409ad221b242b

  • SSDEEP

    3072:MGjhaq5iL0beJQZt32wLji5DlsODxRPNDkjmHzW9hUd56JsuBSjwGPmO12i1DzbX:Hha8iAx+1zwjmHd6vB/jO11zk5m

Score
6/10

Malware Config

Signatures

  • Adds Run key to start application (2 TTPs, 3 IoCs)
  • Drops file in System32 directory (6 IoCs)

Processes

  • C:\Users\Admin\AppData\Local\Temp\0480fda2a525b12d9790ede718da1030_JC.exe
    "C:\Users\Admin\AppData\Local\Temp\0480fda2a525b12d9790ede718da1030_JC.exe"
    • Adds Run key to start application
    • Drops file in System32 directory
    PID:2804

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Windows\SysWOW64\AVSCANNER.EXE

    Filesize

    919KB

    MD5

    bff00ef6468c7fdedebdeec7bad5a79c

    SHA1

    057a49d793958aff70c893ae698e09e675b80afd

    SHA256

    b4880b5057302138d4fda6bfe3fb9d4f3c90c5b3f9bb48fac4eda06efe7d406c

    SHA512

    b9faa70c8d989945423d32c3c4eca49187e73ef22608ca7c448a35ccc700b0ffaadbaf9eee0fefa9f59f4ef0155a440f8b72f7a9a0486544e1b571d9d640fce0

  • memory/2804-0-0x0000000000400000-0x000000000044C000-memory.dmp

    Filesize

    304KB

  • memory/2804-7-0x0000000000400000-0x000000000044C000-memory.dmp

    Filesize

    304KB