Overview

overview

7

Static

static

3

639e89c9d1...ae.exe

windows7-x64

7

639e89c9d1...ae.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    181s
  • max time network
    187s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230915-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230915-enlocale:en-usos:windows10-2004-x64system
  • submitted
    13/10/2023, 19:58

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    639e89c9d1b7d87eeda19db61bef99ea3a5c78b3c4f3d9d4e7319fe5e17557ae.exe

  • Size

    5.2MB

  • MD5

    2fa3932b23af386394a88dab92449ab1

  • SHA1

    c1ddc7ce8b2eb59979a24e12917d2d92d9f929cf

  • SHA256

    639e89c9d1b7d87eeda19db61bef99ea3a5c78b3c4f3d9d4e7319fe5e17557ae

  • SHA512

    f4197efacff72550711cd235afec906e1aa73a3ae075380f7fa764edcaf1105c533111b1fdf9452c3c8bee6a1f8cfca60e16236e3cae971653d0672bb9ff0b49

  • SSDEEP

    98304:3iTy7gQAppqgmrzEwuVAcYmu/KdNOTd31umF6Tq5OggzrrI:3BEqgwzEwcAeu/yQD6TbZY

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\639e89c9d1b7d87eeda19db61bef99ea3a5c78b3c4f3d9d4e7319fe5e17557ae.exe
    "C:\Users\Admin\AppData\Local\Temp\639e89c9d1b7d87eeda19db61bef99ea3a5c78b3c4f3d9d4e7319fe5e17557ae.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1544
    • C:\Users\Admin\AppData\Local\Temp\is-A7824.tmp\639e89c9d1b7d87eeda19db61bef99ea3a5c78b3c4f3d9d4e7319fe5e17557ae.tmp
      "C:\Users\Admin\AppData\Local\Temp\is-A7824.tmp\639e89c9d1b7d87eeda19db61bef99ea3a5c78b3c4f3d9d4e7319fe5e17557ae.tmp" /SL5="$D014C,4586540,792576,C:\Users\Admin\AppData\Local\Temp\639e89c9d1b7d87eeda19db61bef99ea3a5c78b3c4f3d9d4e7319fe5e17557ae.exe"
      2⤵
      • Executes dropped EXE
      PID:3788

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\Local\Temp\is-A7824.tmp\639e89c9d1b7d87eeda19db61bef99ea3a5c78b3c4f3d9d4e7319fe5e17557ae.tmp
          Filesize

          3.0MB

          MD5

          d84fe275989b75618a1d5c7d0fb2f8ea

          SHA1

          1421ee6b5a65ccb6565302fca0c86f7d50096976

          SHA256

          c91117ddb4a4668c114bb63b4c70aadcee1c67b0b3142b990a6f0217be26be77

          SHA512

          7cc2fd7ac885529563a3c242852583c95c836605aa10788b54f0073b3050268b0ad9503ee47562301db2434170b889619116dd96e1a788559e9aee7009ce4d6a

          Download Submit

        • memory/1544-1-0x0000000000400000-0x00000000004CF000-memory.dmp

          Filesize

          828KB

          Download

        • memory/1544-8-0x0000000000400000-0x00000000004CF000-memory.dmp

          Filesize

          828KB

          Download

        • memory/3788-6-0x00000000026D0000-0x00000000026D1000-memory.dmp

          Filesize

          4KB

          Download

        • memory/3788-10-0x0000000000400000-0x000000000070D000-memory.dmp

          Filesize

          3.1MB

          Download

        • memory/3788-11-0x00000000026D0000-0x00000000026D1000-memory.dmp

          Filesize

          4KB

          Download