Overview

overview

8

Static

static

3

7045984618...b4.exe

windows7-x64

8

7045984618...b4.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    121s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags

    arch:x64arch:x86image:win7-20231129-enlocale:en-usos:windows7-x64system
  • submitted
    26-12-2023 12:57

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    7045984618d44b79ff9605a1c74a5fb4.exe

  • Size

    214KB

  • MD5

    7045984618d44b79ff9605a1c74a5fb4

  • SHA1

    7f7d3a9378a32b032bb89b117ab7fc2aa485b69c

  • SHA256

    4da9276009914972ec9f986d4b0446077cf71ef0167cf5be42b2b537f57991f7

  • SHA512

    a7d24c2aca77ef7528b2b8760d4a4f6832831031b9454a0f3f19b0e276346778a1318d4cb20c4bbdc888a2ee49a8773d4d37f1273faac234d06ce3dfc8ddb455

  • SSDEEP

    3072:DSuZCA75Y/5EOLqQHNLSl/FSArPi2pt+I5jMYrO0VNQhuyUeSBRM6/ATI8JUg69D:WuZhO/5EOGtl/FOUjhCV34/2O9eRFK/5

Score
8/10
persistence

Malware Config

Signatures

  • Sets DLL path for service in the registry 2 TTPs 1 IoCs
    persistence
  • Loads dropped DLL 1 IoCs
  • Drops file in System32 directory 1 IoCs

Processes

  • C:\Windows\SysWOW64\svchost.exe
    C:\Windows\SysWOW64\svchost.exe -k mssvc
    1⤵
    • Loads dropped DLL
    PID:2320
  • C:\Users\Admin\AppData\Local\Temp\7045984618d44b79ff9605a1c74a5fb4.exe
    "C:\Users\Admin\AppData\Local\Temp\7045984618d44b79ff9605a1c74a5fb4.exe"
    1⤵
    • Sets DLL path for service in the registry
    • Drops file in System32 directory
    PID:2416

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads