Overview

overview

7

Static

static

3

c4c2c20dd3...5e.exe

windows7-x64

7

c4c2c20dd3...5e.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    118s
  • max time network
    121s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    22/12/2023, 14:31

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    c4c2c20dd3a6ae14e781f6a1c41f015e.exe

  • Size

    1.9MB

  • MD5

    c4c2c20dd3a6ae14e781f6a1c41f015e

  • SHA1

    d1038668ae9b312214cabab46078560b84a008f4

  • SHA256

    3c55f7ecd2a0651bdb8f728d893e2754544f43428247fb5d8c9ec7615d168a03

  • SHA512

    c3fb49471c25f0baae49ea704870e426e60a92f02ff3f935255b659bf3c750780bc83536299446561ee1ac2ff7785476d52e31a70fa36cb870a1b75c47130789

  • SSDEEP

    49152:Qoa1taC070dTgVDtXC83SH5kG0S9Ztb9UE2mzW94yMP:Qoa1taC06eDtXd3SZkbS9Xberk4f4

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\c4c2c20dd3a6ae14e781f6a1c41f015e.exe
    "C:\Users\Admin\AppData\Local\Temp\c4c2c20dd3a6ae14e781f6a1c41f015e.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of WriteProcessMemory
    PID:2428
    • C:\Users\Admin\AppData\Local\Temp\5235.tmp
      "C:\Users\Admin\AppData\Local\Temp\5235.tmp" --splashC:\Users\Admin\AppData\Local\Temp\c4c2c20dd3a6ae14e781f6a1c41f015e.exe A4C396DAE6B2BA747ED23985530E0FDD3F17C229998D2B9E4930597AA82F3D2775E85876E5FABE2B922EFC64E80D249E08AD091264FF4579426EC8AD60F9CB4E
      2⤵
      • Deletes itself
      • Executes dropped EXE
      PID:2924

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\5235.tmp
    Filesize

    1.9MB

    MD5

    f673e685fd8616ea874c3804c79490e8

    SHA1

    0d789881be3baeed630bb58479c9dce64a6f7a46

    SHA256

    cb1e759f9ca5b104caeeba39501ff5f7038a41a8264ebe1d46890b9985cb33e4

    SHA512

    bebad8eaff5ca99774f9191d5233284903931ef37365fb7026f69e0cb861ebbca619b1049ea688ffb48846238ab42625a7dbbf2367b94bd84543f6b4dcab5d80

    Download Submit

  • memory/2428-0-0x0000000000400000-0x00000000005E6000-memory.dmp

    Filesize

    1.9MB

    Download

  • memory/2924-6-0x0000000000400000-0x00000000005E6000-memory.dmp

    Filesize

    1.9MB

    Download