Overview

overview

10

Static

static

3

a59e5080bc...JC.exe

windows7-x64

10

a59e5080bc...JC.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    147s
  • max time network
    132s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230915-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230915-enlocale:en-usos:windows10-2004-x64system
  • submitted
    12-10-2023 11:54

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    a59e5080bc8db85569321aaa3d91a810_JC.exe

  • Size

    5.9MB

  • MD5

    a59e5080bc8db85569321aaa3d91a810

  • SHA1

    9f5b8f027ec8b4a188236961f8e3b260f6748180

  • SHA256

    ebf00b4085d40901fa76f8ebaa4d0f4a171d5dabb816da27f5621ed11944554d

  • SHA512

    7f179c078cf3b74e208160e79908e6c16e12c530d2b8a3b789f8ca8acba8680df7abefd276965ca5c67fade3bedba6e10bd8bf96bcebf94187183631a950db0a

  • SSDEEP

    98304:njj6l/ydwugGr8DwuwnUwMg6C7Vy3KrytzoqqA5e5UA6rO3XO07WsnYmKPCwD3Y5:jjM/MrwDwu4Mm7V2Kry3ZE6q3XTCsYNw

Score
10/10
persistence

Malware Config

Signatures

  • Modifies WinLogon for persistence 2 TTPs 1 IoCs
    persistence
  • Drops file in System32 directory 64 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\a59e5080bc8db85569321aaa3d91a810_JC.exe
    "C:\Users\Admin\AppData\Local\Temp\a59e5080bc8db85569321aaa3d91a810_JC.exe"
    1⤵
    • Modifies WinLogon for persistence
    • Drops file in System32 directory
    PID:3432

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Windows\SysWOW64\DC++ Share\javac.exe
    Filesize

    82KB

    MD5

    bf2b45c44c163235c51b55167501052a

    SHA1

    ef022b1ded3fb67730258f37bf257f06b80138a4

    SHA256

    1318d6d1b30d2268c33565e1d1d160e421d986ccff7a6807e4e910c4dbeeb27d

    SHA512

    7f9554bf9cdafebbb9b535a94dce0da985ba655b9a7a7fff78d55851e391e6308e824dee3acf0a23cc367298dad182fbfac76e695ac0aa431e69fa5a3f871b62

    Download Submit

  • C:\Windows\SysWOW64\xdccPrograms\7z.exe
    Filesize

    6.0MB

    MD5

    5e3542cc23f41f8d9be321206534daac

    SHA1

    e75e0a7f5ce5efef3d84dd4facfaf470651f48e1

    SHA256

    03e5e89900891b8842a7dffabaeb54dcb4355691d7b8176ec2e3e798d4ad078e

    SHA512

    ea833b6ec6b7017df62e8bd7b1f310967732a735826ced0d1ac486d4764f7e5d1873635579dfe740da275d7ee1fdce4e9a6a4e2ade86d4d26dd62e4b52bd9cd8

    Download Submit

  • memory/3432-30-0x0000000000400000-0x0000000000416000-memory.dmp

    Filesize

    88KB

    Download

  • memory/3432-21-0x0000000000400000-0x0000000000416000-memory.dmp

    Filesize

    88KB

    Download

  • memory/3432-24-0x0000000000400000-0x0000000000416000-memory.dmp

    Filesize

    88KB

    Download

  • memory/3432-25-0x0000000000400000-0x0000000000416000-memory.dmp

    Filesize

    88KB

    Download

  • memory/3432-26-0x0000000000400000-0x0000000000416000-memory.dmp

    Filesize

    88KB

    Download

  • memory/3432-27-0x0000000000400000-0x0000000000416000-memory.dmp

    Filesize

    88KB

    Download

  • memory/3432-22-0x0000000000400000-0x0000000000416000-memory.dmp

    Filesize

    88KB

    Download

  • memory/3432-23-0x0000000000400000-0x0000000000416000-memory.dmp

    Filesize

    88KB

    Download

  • memory/3432-103-0x0000000000400000-0x0000000000416000-memory.dmp

    Filesize

    88KB

    Download

  • memory/3432-104-0x0000000000400000-0x0000000000416000-memory.dmp

    Filesize

    88KB

    Download

  • memory/3432-105-0x0000000000400000-0x0000000000416000-memory.dmp

    Filesize

    88KB

    Download

  • memory/3432-106-0x0000000000400000-0x0000000000416000-memory.dmp

    Filesize

    88KB

    Download

  • memory/3432-107-0x0000000000400000-0x0000000000416000-memory.dmp

    Filesize

    88KB

    Download

  • memory/3432-108-0x0000000000400000-0x0000000000416000-memory.dmp

    Filesize

    88KB

    Download