Overview

overview

7

Static

static

3

3ddc846fa1...9c.exe

windows7-x64

7

3ddc846fa1...9c.exe

windows10-2004-x64

Analysis

  • max time kernel
    122s
  • max time network
    128s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    19-12-2023 14:06

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    3ddc846fa101358f3a776b5e183a809c.exe

  • Size

    1.9MB

  • MD5

    3ddc846fa101358f3a776b5e183a809c

  • SHA1

    3826057dae5a4faf3c2db374159324fe9e4962b8

  • SHA256

    8eaf560507ff55313eaf8b2bc783c2d3045bba32402d997f16ebce1432f3415d

  • SHA512

    bf5463f81ba3b8b11bcc067627c0880dc56c1e86ad9404b9e0d3daf4732241025ee89f29cafc39b4cc91a68147fcd5a31c00ce4b7c953b3f7d7c0938c0eac0ad

  • SSDEEP

    49152:Qoa1taC070dH88iKIbqNOAQiMp/r5dT037HLcDv25hN:Qoa1taC0r8DBNOAQPrOq25r

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\3ddc846fa101358f3a776b5e183a809c.exe
    "C:\Users\Admin\AppData\Local\Temp\3ddc846fa101358f3a776b5e183a809c.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of WriteProcessMemory
    PID:2960
    • C:\Users\Admin\AppData\Local\Temp\9A8B.tmp
      "C:\Users\Admin\AppData\Local\Temp\9A8B.tmp" --splashC:\Users\Admin\AppData\Local\Temp\3ddc846fa101358f3a776b5e183a809c.exe C7C25A2E8B975237E3BCCED2E02263D63A4A5E08B3E56D290DEDCDEAEE1CFF1DDA718EA824CD6AC16B8E0F558BA3206C6008DEAFD5D5E9BC1DB5763CE3BD7C18
      2⤵
      • Deletes itself
      • Executes dropped EXE
      PID:3020

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • \Users\Admin\AppData\Local\Temp\9A8B.tmp
    Filesize

    1.9MB

    MD5

    f23a401bfaeee8305063096e08168df4

    SHA1

    dab2983cac3e5cdaf316f87277cc070c13f83f69

    SHA256

    7fd877297c15050d7faba7154b7f23b1c2d9f7094f770715fce83255d3b56e89

    SHA512

    d62ff1c91328a2fc0de67f5627b30918acf164464be250d1cbb911466adb9d998866c5be303f6b6fe30f02e34d34c4265fb09d03371c508e33cb084ad36e3054

    Download Submit

  • memory/2960-0-0x0000000000400000-0x00000000005E6000-memory.dmp

    Filesize

    1.9MB

    Download

  • memory/3020-6-0x0000000000400000-0x00000000005E6000-memory.dmp

    Filesize

    1.9MB

    Download