Overview

overview

7

Static

static

3

55840754aa...4f.exe

windows7-x64

7

55840754aa...4f.exe

windows10-2004-x64

Analysis

  • max time kernel
    122s
  • max time network
    126s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    19-12-2023 15:54

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    55840754aa1f3616fa893ce552b9834f.exe

  • Size

    4.2MB

  • MD5

    55840754aa1f3616fa893ce552b9834f

  • SHA1

    1b8608e6537d182307d94da89db19acb302096cf

  • SHA256

    2508c19d0a2a4c1c1efc6d0a35dde78b44a7b303d85ff1fa12215bc57bd3541f

  • SHA512

    7a0a7d26d95c837239637ce28d391b8b095d69efd294fd1adfcb0e30d0620242831c94076cade1e5180e4f6bd22faf5bd3c395269aa9087346fcd62e46684909

  • SSDEEP

    98304:emhd1Urye/YNHLDYTp0PtIUk6VLUjH5oxFbxCVLUjH5oxFbx:elQY2PtIUTVUjZEdCVUjZEd

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\55840754aa1f3616fa893ce552b9834f.exe
    "C:\Users\Admin\AppData\Local\Temp\55840754aa1f3616fa893ce552b9834f.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of WriteProcessMemory
    PID:2288
    • C:\Users\Admin\AppData\Local\Temp\46FF.tmp
      "C:\Users\Admin\AppData\Local\Temp\46FF.tmp" --splashC:\Users\Admin\AppData\Local\Temp\55840754aa1f3616fa893ce552b9834f.exe 2FD82056986FB4E601F5DFB0B03EA82E193C8A235C4F730FF8C1DA50664325FD36B3486A162F998D36A1F37FF5F8AC424BC5837B3BED4396F5BE47C51994C0C6
      2⤵
      • Executes dropped EXE
      PID:2584

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • \Users\Admin\AppData\Local\Temp\46FF.tmp
    Filesize

    4.2MB

    MD5

    e93aabdf95574c003a628f0e25542891

    SHA1

    38aee1aab1ff3e8f9f6db093de6eebc852829c4f

    SHA256

    b0ddb02298a86c3d7dfb717470a9fac8a925ec4aab0a510e3a12930676de6e30

    SHA512

    cbce03601399061c1e5b991d58036bc5ae8bb1f2c6442939ca6aa062d2359d39d26d92c887a91147cf2973792dabf51c55f23251cbf5e9d67e79f01561af0b82

    Download Submit

  • memory/2288-0-0x0000000000400000-0x0000000000849000-memory.dmp

    Filesize

    4.3MB

    Download

  • memory/2584-6-0x0000000000400000-0x0000000000849000-memory.dmp

    Filesize

    4.3MB

    Download