Overview

overview

7

Static

static

3

d8aede857c...0c.exe

windows7-x64

7

d8aede857c...0c.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    117s
  • max time network
    118s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    22/12/2023, 15:21

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    d8aede857c32553e2b15e97e7f684b0c.exe

  • Size

    1.9MB

  • MD5

    d8aede857c32553e2b15e97e7f684b0c

  • SHA1

    d4fe534a3b415dde115126ae9a746757cc5ce400

  • SHA256

    a7cab9569e9d12aeb68cfb065c5b12be46bcca51eb8ce174e9271f1476324612

  • SHA512

    0cff21d39de26060a4ceaca31b15519996e04493d9cb4459ceb0847bf6d715f13a1b11e6a778691e2c47557f79d8219dcd858a77d51f346b50efbbf245f53584

  • SSDEEP

    24576:N2oo60HPdt+1CRiY2eOBvcj3u10dsj+d3Pa2on8G/U+xHtwbyQjzI5E/8Rca2iDo:Qoa1taC070d79iE7RzSEuKiDwnNAKzpT

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\d8aede857c32553e2b15e97e7f684b0c.exe
    "C:\Users\Admin\AppData\Local\Temp\d8aede857c32553e2b15e97e7f684b0c.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of WriteProcessMemory
    PID:2520
    • C:\Users\Admin\AppData\Local\Temp\A9B.tmp
      "C:\Users\Admin\AppData\Local\Temp\A9B.tmp" --splashC:\Users\Admin\AppData\Local\Temp\d8aede857c32553e2b15e97e7f684b0c.exe 9287E265DA18B87B2D0D96A0A5816FFD75A5FE762273FB9138DC18C4F9148ADF91657FA973D9A4BD061E041322BB1284C862CF399609A498F46A5BFD19A0633C
      2⤵
      • Deletes itself
      • Executes dropped EXE
      PID:2984

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\Local\Temp\A9B.tmp
          Filesize

          155KB

          MD5

          9b20d69b6e9c98a92735a6fe4e9cbe48

          SHA1

          6b14a39a628551903e563b0b446b3bf17f19e860

          SHA256

          377fd2cecd3d77f9f4224a198c5de1924f7628715cb7525b428068349f334067

          SHA512

          bdaec138a5abc2f9bf733e7d0e5242a1118aa6466438c70ddda7f0ef25309c70335a4378aaad5fc63d73aced74cc334a76be415ade333871d0bbde031ac69335

          Download Submit

        • \Users\Admin\AppData\Local\Temp\A9B.tmp
          Filesize

          66KB

          MD5

          4676fc310b3cf355be16ced4415c0dd1

          SHA1

          6dd258bc6b8f3534f31d9d306f31b807aaa28fd2

          SHA256

          f5fdfbe9006441c979f23172bac1c305fb3d0a30df24ad7e99de70df1a90a99e

          SHA512

          bd9dc1fb4578dbb513c76cd67ca3c6fa566535d2b2bced394dd2d0b7527f21d2836d07871f3b5244e19a96cdfc26c5eacfeae85ad7d3c31a2ffc8d660d75917f

          Download Submit

        • memory/2520-0-0x0000000000400000-0x00000000005E6000-memory.dmp

          Filesize

          1.9MB

          Download

        • memory/2984-6-0x0000000000400000-0x00000000005E6000-memory.dmp

          Filesize

          1.9MB

          Download