Overview

overview

8

Static

static

3

34733ab982...50.exe

windows7-x64

8

34733ab982...50.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    97s
  • max time network
    150s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231222-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231222-enlocale:en-usos:windows10-2004-x64system
  • submitted
    25/12/2023, 18:27

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    34733ab9822c64882c409c39bf36a650.exe

  • Size

    1003KB

  • MD5

    34733ab9822c64882c409c39bf36a650

  • SHA1

    c2569c9eafc6de550a6abf4674e556616656157b

  • SHA256

    7846ed14e7153ec0bc206dd05b28a87c680ecbe8578979c571dadf99c8da9000

  • SHA512

    61264992a545802b64a9f672e9c28c4ea19b2462e804dd9870b64cfb6162a74cb07009d8a2cdd696a54da81bc966b68a21ce754a371933c9ef12e057459ef6f6

  • SSDEEP

    24576:/UMmvGcGS6OB7Agcy0bp1JhuFLYRcAcgf2hzp3ig8ARvDd:/UMEGrS6A7AgcZl1GF84g6ia

Score
8/10
persistence

Malware Config

Signatures

  • Modifies Installed Components in the registry 2 TTPs 2 IoCs
    persistence
  • Drops file in Windows directory 2 IoCs
  • Suspicious use of WriteProcessMemory 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\34733ab9822c64882c409c39bf36a650.exe
    "C:\Users\Admin\AppData\Local\Temp\34733ab9822c64882c409c39bf36a650.exe"
    1⤵
    • Modifies Installed Components in the registry
    • Drops file in Windows directory
    • Suspicious use of WriteProcessMemory
    PID:3484
    • C:\Program Files\Internet Explorer\iexplore.exe
      "C:\Program Files\Internet Explorer\iexplore.exe" ¨Á
      2⤵
        PID:4968

    Network

    MITRE ATT&CK Enterprise v15

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/3484-0-0x0000000000400000-0x00000000005C7000-memory.dmp

      Filesize

      1.8MB

      Download

    • memory/3484-2-0x0000000000400000-0x00000000005C7000-memory.dmp

      Filesize

      1.8MB

      Download

    • memory/3484-3-0x0000000002220000-0x00000000022D1000-memory.dmp

      Filesize

      708KB

      Download

    • memory/3484-5-0x0000000002220000-0x00000000022D1000-memory.dmp

      Filesize

      708KB

      Download

    • memory/3484-6-0x00000000022E0000-0x000000000241A000-memory.dmp

      Filesize

      1.2MB

      Download

    • memory/3484-4-0x0000000000830000-0x0000000000840000-memory.dmp

      Filesize

      64KB

      Download

    • memory/3484-8-0x0000000002420000-0x000000000275D000-memory.dmp

      Filesize

      3.2MB

      Download

    • memory/3484-11-0x0000000002220000-0x00000000022D1000-memory.dmp

      Filesize

      708KB

      Download

    • memory/3484-13-0x0000000000400000-0x00000000005C7000-memory.dmp

      Filesize

      1.8MB

      Download

    • memory/3484-14-0x0000000000400000-0x00000000005C7000-memory.dmp

      Filesize

      1.8MB

      Download

    • memory/3484-18-0x0000000000400000-0x00000000005C7000-memory.dmp

      Filesize

      1.8MB

      Download

    • memory/3484-17-0x0000000000400000-0x00000000005C7000-memory.dmp

      Filesize

      1.8MB

      Download

    • memory/3484-19-0x0000000000400000-0x00000000005C7000-memory.dmp

      Filesize

      1.8MB

      Download

    • memory/3484-20-0x0000000002CE0000-0x0000000002CE1000-memory.dmp

      Filesize

      4KB

      Download

    • memory/3484-23-0x0000000002220000-0x00000000022D1000-memory.dmp

      Filesize

      708KB

      Download

    • memory/3484-25-0x0000000000400000-0x00000000005C7000-memory.dmp

      Filesize

      1.8MB

      Download

    • memory/3484-26-0x0000000000830000-0x0000000000840000-memory.dmp

      Filesize

      64KB

      Download