Overview

overview

7

Static

static

3

0af6a9a9d4...9e.exe

windows7-x64

7

0af6a9a9d4...9e.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    134s
  • max time network
    143s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
  • submitted
    19-12-2023 10:42

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    0af6a9a9d4c98a0da92c5f0927c1179e.exe

  • Size

    1.9MB

  • MD5

    0af6a9a9d4c98a0da92c5f0927c1179e

  • SHA1

    d8e9b532ca4a40496f122e09036fa8e444023189

  • SHA256

    82de2bbca17f20d33a5706df513eb05ec53702c62621c459e2b59feb250917c3

  • SHA512

    02fecfc2eca695960af4ce45e38af688f094d3422a194e05bdc2f95462cfedeaec38709a802649c5ea06cd3cb04ca4ac4f372b0b65fa05300cdf433df960200e

  • SSDEEP

    24576:N2oo60HPdt+1CRiY2eOBvcj3u10d4bophiNj/onSYgDGshbjUA7n372Pky+V07:Qoa1taC070dRhiKSY69bjLb7CkzC

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\0af6a9a9d4c98a0da92c5f0927c1179e.exe
    "C:\Users\Admin\AppData\Local\Temp\0af6a9a9d4c98a0da92c5f0927c1179e.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1772
    • C:\Users\Admin\AppData\Local\Temp\5B7E.tmp
      "C:\Users\Admin\AppData\Local\Temp\5B7E.tmp" --splashC:\Users\Admin\AppData\Local\Temp\0af6a9a9d4c98a0da92c5f0927c1179e.exe 03CDEC333FE73834D625293309663A33B00120B538E2F937D34D2727E336A1D14D10E3B852E8142619635F0684AD774BF5DB2F84078A37FE3E1C5964B86844C7
      2⤵
      • Deletes itself
      • Executes dropped EXE
      PID:2660

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\5B7E.tmp
    Filesize

    1.9MB

    MD5

    a6d19e061609a4df6cf8f3ffb67fe79c

    SHA1

    39cafae3accd415d2a6893311612c4a490e552bc

    SHA256

    9b1f980c1fc0ac53059824274fb1f69fad3ac795ddbfdea2e0416beee46ceb88

    SHA512

    5f858bc83ebadddbc45c160da802897206f48426ae4d337897d77299dd0752a2c64541feb46e2a6a4a0196a465b4f4f8b050fae6d137e1045ef2278566064a4e

    Download Submit

  • memory/1772-0-0x0000000000400000-0x00000000005E6000-memory.dmp

    Filesize

    1.9MB

    Download

  • memory/2660-5-0x0000000000400000-0x00000000005E6000-memory.dmp

    Filesize

    1.9MB

    Download