Overview

overview

10

Static

static

3

62118c1a79...2f.exe

windows7-x64

7

62118c1a79...2f.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    120s
  • max time network
    125s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    26-12-2023 09:03

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    62118c1a7904986fcdf7f6528bf40d2f.exe

  • Size

    577KB

  • MD5

    62118c1a7904986fcdf7f6528bf40d2f

  • SHA1

    24cf6a814ba02a73342d6b6633e3e0a25acf06bd

  • SHA256

    1843c1b7e4384901bd8725daf296a716247c8636556b22af619b8485d9e27c57

  • SHA512

    e79d15512cba63ee64fa38385db3b1cf5276c747386581d5c270ed26f3738ac280a66284026d265cea1dc0ab808d6e0c6b4981a4699531db83869b41ff8d3458

  • SSDEEP

    12288:dtHA0+aLqijURNVD2HCiXhBJPcmlrzoo:dtHAQLqO6VyHXJ7n

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\62118c1a7904986fcdf7f6528bf40d2f.exe
    "C:\Users\Admin\AppData\Local\Temp\62118c1a7904986fcdf7f6528bf40d2f.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of WriteProcessMemory
    PID:2124
    • C:\Users\Public\Music\systemcheck.exe
      C:\Users\Public\Music\systemcheck.exe
      2⤵
      • Executes dropped EXE
      PID:2128

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Public\Music\systemcheck.exe
    Filesize

    577KB

    MD5

    62118c1a7904986fcdf7f6528bf40d2f

    SHA1

    24cf6a814ba02a73342d6b6633e3e0a25acf06bd

    SHA256

    1843c1b7e4384901bd8725daf296a716247c8636556b22af619b8485d9e27c57

    SHA512

    e79d15512cba63ee64fa38385db3b1cf5276c747386581d5c270ed26f3738ac280a66284026d265cea1dc0ab808d6e0c6b4981a4699531db83869b41ff8d3458

    Download Submit