Overview

overview

7

Static

static

3

6e7bec1c6a...13.exe

windows7-x64

7

6e7bec1c6a...13.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    118s
  • max time network
    119s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags

    arch:x64arch:x86image:win7-20231129-enlocale:en-usos:windows7-x64system
  • submitted
    26/12/2023, 12:27

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    6e7bec1c6a08e101c190828068a0e213.exe

  • Size

    296KB

  • MD5

    6e7bec1c6a08e101c190828068a0e213

  • SHA1

    e63692ba0789713ce34d08a333ec58f8944b73eb

  • SHA256

    6de0a3bc466425cb34113150bbb4db9a60c741a61d21f76709ab1544e6ad23ad

  • SHA512

    aa746a32e5d3cd538ece7b87c9e7382b9aa3b8b61087ed786e678ab7268388cafaf63df0ae6b09fc6a37260875a36f203e12c28d81ce4847800f02acbfc601a0

  • SSDEEP

    6144:Ukpd1DZxlWelOlMVDrcuJSsrcStI0xOf81sG1a9uP9nf:Ukpd1XlHlOqVnco7tI0xOfus6a9s9nf

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 3 IoCs
  • Suspicious behavior: EnumeratesProcesses 1 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\6e7bec1c6a08e101c190828068a0e213.exe
    "C:\Users\Admin\AppData\Local\Temp\6e7bec1c6a08e101c190828068a0e213.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious behavior: GetForegroundWindowSpam
    PID:2024

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • \Users\Admin\AppData\Local\Temp\Tsu8DD8D309.dll
    Filesize

    92KB

    MD5

    183f771d22d76f9b2d0841a84eadc9db

    SHA1

    1a8d327ee1f46c1c89ae58f098c16f550ee9460e

    SHA256

    487a5ec0c306b83d0b5fd0537c5b3a9ced9fc1dc64bfee1be31e9202d5b6f9cc

    SHA512

    791b513b26029a82f159196e7e29dd431c525b5a199c245207d3aefe8043b46dc5f893c17debd01c5644573a0253da919f9baa9e58bdb71967f1a31da13488b1

    Download Submit