Overview

overview

7

Static

static

3

12965f4b8b...ab.exe

windows7-x64

7

12965f4b8b...ab.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    122s
  • max time network
    123s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    19/12/2023, 11:19

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    12965f4b8bf93d5ed7593e770723eaab.exe

  • Size

    1.9MB

  • MD5

    12965f4b8bf93d5ed7593e770723eaab

  • SHA1

    7f2583266f05f6523e464893f21bcb12bac5b5b4

  • SHA256

    793ccdd0e9e56b4611c9d277e38efac125e8784482a82d3073a80d71cecd38de

  • SHA512

    10aa4315b1b1d9ae6d0e8bab4b90d346fa31e84c083a79fd8efab6e93a222f9ff9137a8a6ea007afd3eebbc707714f60beb3463eb857fa3bcd9e5b6c34d526f0

  • SSDEEP

    49152:Qoa1taC070dtaXl42KZ3sziNGoLonQd/nhro/j:Qoa1taC0qaX/KZQxoLoQd/nh0/j

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\12965f4b8bf93d5ed7593e770723eaab.exe
    "C:\Users\Admin\AppData\Local\Temp\12965f4b8bf93d5ed7593e770723eaab.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of WriteProcessMemory
    PID:1672
    • C:\Users\Admin\AppData\Local\Temp\B66.tmp
      "C:\Users\Admin\AppData\Local\Temp\B66.tmp" --splashC:\Users\Admin\AppData\Local\Temp\12965f4b8bf93d5ed7593e770723eaab.exe 1EF8B51B902F4AF8A883B7915F0910AE355B5027E43A75E5C53DDCD285A47BC3A0C3553A120EE1AA94D570C3844CAD56A392F0AFA59AD8EB7EDD537A96590BF5
      2⤵
      • Deletes itself
      • Executes dropped EXE
      PID:2036

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • \Users\Admin\AppData\Local\Temp\B66.tmp
          Filesize

          1.9MB

          MD5

          6179252130e53a9f84513e178c1af1df

          SHA1

          44103aca69451916e576d7fde334fe413d756c81

          SHA256

          2d920c2a998f648a3b58fb67f88f13b7c742b87ebc1f2025417334ecc83c499e

          SHA512

          96e6b08f25ea10ee4e6e0b6ef09366501d45270560cf9cdb8b9366d6befd1693e816e4775824e2abf254822a743b1ce59c63eca4d6eaff5547cf75989f3056f1

          Download Submit

        • memory/1672-0-0x0000000000400000-0x00000000005E6000-memory.dmp

          Filesize

          1.9MB

          Download

        • memory/2036-6-0x0000000000400000-0x00000000005E6000-memory.dmp

          Filesize

          1.9MB

          Download