Overview

overview

7

Static

static

3

fe783ec503...3e.exe

windows7-x64

7

fe783ec503...3e.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    161s
  • max time network
    176s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230915-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230915-enlocale:en-usos:windows10-2004-x64system
  • submitted
    12/10/2023, 02:32

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    fe783ec50391ef003919616dcbf45d43b77770aa0dff875d55338e11a49adb3e.exe

  • Size

    812KB

  • MD5

    74af88ac74e1f7876d3a0b4fe5e7066f

  • SHA1

    02fb08a34fc39fd97e60c285479aeac4c14fd59f

  • SHA256

    fe783ec50391ef003919616dcbf45d43b77770aa0dff875d55338e11a49adb3e

  • SHA512

    7e2c0ef83ecb6777d6336f95543f9e5072509b4b648861fed98a97072796d3a68ec96e2cba8ced263de5b4cc3bbd10ccb92a0b11581b5ab5381a8918c0bc6da5

  • SSDEEP

    12288:lqmytVdB0rPEDb3kCoI641jxy7GHEX2rnAv8MktrOKxp22CMOZ/1Sq:lqxtVfNDb31oT41+aneOrO4p2zMOZ/V

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Suspicious use of NtSetInformationThreadHideFromDebugger 2 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\fe783ec50391ef003919616dcbf45d43b77770aa0dff875d55338e11a49adb3e.exe
    "C:\Users\Admin\AppData\Local\Temp\fe783ec50391ef003919616dcbf45d43b77770aa0dff875d55338e11a49adb3e.exe"
    1⤵
    • Suspicious use of NtSetInformationThreadHideFromDebugger
    • Suspicious use of WriteProcessMemory
    PID:2440
    • C:\Users\Admin\AppData\Local\Temp\1E0A0C0B120C156F155C15A0F0B160A0C160E.exe
      C:\Users\Admin\AppData\Local\Temp\1E0A0C0B120C156F155C15A0F0B160A0C160E.exe
      2⤵
      • Executes dropped EXE
      • Suspicious use of NtSetInformationThreadHideFromDebugger
      PID:2416

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\1E0A0C0B120C156F155C15A0F0B160A0C160E.exe
    Filesize

    812KB

    MD5

    f3e5e4bdd3b5f99b05dfa5318355e154

    SHA1

    10bfb050ca77b58531260d54b923e7b63c94d9c7

    SHA256

    a3578b539f7b339d89fcfcbf974c59a7161637c44dc4f234809e84182b07b2bc

    SHA512

    800ac4df62e285e4433530f84189ee39f743f3fabb7da1732ee3d2329f80625b2f3b959ac16369a135ff11d1e3d793803369cecd2fea35575076dfc7ed3c7449

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\1E0A0C0B120C156F155C15A0F0B160A0C160E.exe
    Filesize

    812KB

    MD5

    f3e5e4bdd3b5f99b05dfa5318355e154

    SHA1

    10bfb050ca77b58531260d54b923e7b63c94d9c7

    SHA256

    a3578b539f7b339d89fcfcbf974c59a7161637c44dc4f234809e84182b07b2bc

    SHA512

    800ac4df62e285e4433530f84189ee39f743f3fabb7da1732ee3d2329f80625b2f3b959ac16369a135ff11d1e3d793803369cecd2fea35575076dfc7ed3c7449

    Download Submit

  • memory/2416-7-0x0000000000400000-0x00000000005AB000-memory.dmp

    Filesize

    1.7MB

    Download

  • memory/2416-11-0x0000000000400000-0x00000000005AB000-memory.dmp

    Filesize

    1.7MB

    Download

  • memory/2416-12-0x0000000000400000-0x00000000005AB000-memory.dmp

    Filesize

    1.7MB

    Download

  • memory/2440-0-0x0000000000400000-0x00000000005AB000-memory.dmp

    Filesize

    1.7MB

    Download

  • memory/2440-2-0x0000000000400000-0x00000000005AB000-memory.dmp

    Filesize

    1.7MB

    Download

  • memory/2440-8-0x0000000000400000-0x00000000005AB000-memory.dmp

    Filesize

    1.7MB

    Download