eb10c6c78525379a5f2d86f7503876567a8dbb62a7152d37c89407c45cd9f02e

Analysis

max time kernel
265s
max time network
316s
platform
windows7_x64
resource
win7-20231215-en
resource tags

arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
submitted
25/12/2023, 23:51

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

446dda4ec6c874c66c3d81af766d9b00.exe
Size

416KB
MD5

446dda4ec6c874c66c3d81af766d9b00
SHA1

aac669093fadc828a05e8482bd7c81146bf1b17d
SHA256

eb10c6c78525379a5f2d86f7503876567a8dbb62a7152d37c89407c45cd9f02e
SHA512

3881116cdcd82a67c29903a236fa9d186ab69b282f044cdc8fb7a5df6757ed12e6c696935158f3714477a48dfe1b8a08d8913dbc2d21fc8c7c7a541e60438a38
SSDEEP

12288:9ee5Ywh8IwmMvMFpKIITKLJOagAbEpoYKh5XJ40K:himM0baKLJOagASoph5XJ40K

Score

4^/10

Malware Config

Signatures

Drops file in Program Files directory 3 IoCs

description	ioc	Process
File created	C:\Program Files (x86)\Microsoft Office\Office14\BCSSync..exe	446dda4ec6c874c66c3d81af766d9b00.exe
File opened for modification	C:\Program Files (x86)\Microsoft Office\Office14\BCSSync..exe	446dda4ec6c874c66c3d81af766d9b00.exe
File opened for modification	C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe	446dda4ec6c874c66c3d81af766d9b00.exe

Suspicious behavior: EnumeratesProcesses 1 IoCs

pid	Process
2376	446dda4ec6c874c66c3d81af766d9b00.exe

C:\Users\Admin\AppData\Local\Temp\446dda4ec6c874c66c3d81af766d9b00.exe
"C:\Users\Admin\AppData\Local\Temp\446dda4ec6c874c66c3d81af766d9b00.exe"
1⤵
- Drops file in Program Files directory
- Suspicious behavior: EnumeratesProcesses
PID:2376

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/2376-0-0x0000000000400000-0x000000000047F000-memory.dmp

Filesize
508KB

Download
memory/2376-1-0x0000000000320000-0x0000000000372000-memory.dmp

Filesize
328KB

Download
memory/2376-3-0x00000000004F0000-0x00000000004F1000-memory.dmp

Filesize
4KB

Download
memory/2376-2-0x0000000000500000-0x0000000000501000-memory.dmp

Filesize
4KB

Download
memory/2376-5-0x0000000000520000-0x0000000000521000-memory.dmp

Filesize
4KB

Download
memory/2376-4-0x0000000000490000-0x0000000000491000-memory.dmp

Filesize
4KB

Download
memory/2376-7-0x00000000004E0000-0x00000000004E1000-memory.dmp

Filesize
4KB

Download
memory/2376-6-0x0000000000510000-0x0000000000511000-memory.dmp

Filesize
4KB

Download
memory/2376-9-0x00000000004D0000-0x00000000004D1000-memory.dmp

Filesize
4KB

Download
memory/2376-8-0x00000000004C0000-0x00000000004C1000-memory.dmp

Filesize
4KB

Download
memory/2376-10-0x00000000004B0000-0x00000000004B1000-memory.dmp

Filesize
4KB

Download
memory/2376-11-0x0000000000400000-0x000000000047F000-memory.dmp

Filesize
508KB

Download
memory/2376-12-0x0000000000320000-0x0000000000372000-memory.dmp

Filesize
328KB

Download
memory/2376-13-0x00000000032E0000-0x00000000032E2000-memory.dmp

Filesize
8KB

Download
memory/2376-14-0x0000000003230000-0x0000000003233000-memory.dmp

Filesize
12KB

Download
memory/2376-15-0x0000000003330000-0x0000000003331000-memory.dmp

Filesize
4KB

Download
memory/2376-16-0x0000000003340000-0x0000000003341000-memory.dmp

Filesize
4KB

Download
memory/2376-17-0x00000000032F0000-0x00000000032F1000-memory.dmp

Filesize
4KB

Download
memory/2376-18-0x0000000000260000-0x0000000000261000-memory.dmp

Filesize
4KB

Download
memory/2376-19-0x0000000000270000-0x0000000000271000-memory.dmp

Filesize
4KB

Download
memory/2376-20-0x0000000003320000-0x0000000003321000-memory.dmp

Filesize
4KB

Download
memory/2376-21-0x0000000003310000-0x0000000003311000-memory.dmp

Filesize
4KB

Download
memory/2376-22-0x0000000003300000-0x0000000003301000-memory.dmp

Filesize
4KB

Download