Overview

overview

7

Static

static

3

7ba5d31b90...93.exe

windows7-x64

3

7ba5d31b90...93.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    121s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags

    arch:x64arch:x86image:win7-20231129-enlocale:en-usos:windows7-x64system
  • submitted
    26/12/2023, 16:11

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    7ba5d31b9057662a8925990f02202893.exe

  • Size

    406KB

  • MD5

    7ba5d31b9057662a8925990f02202893

  • SHA1

    23f27966cd06d084ee9d6b79f25bed8cebeb79c8

  • SHA256

    34a95a340deb0ceb5408eb394665abbb24d717099379fd22f1bad1b5b6593ec3

  • SHA512

    a2158f59582f1cb4c60764e8718172a7c1a764100ef175088c35225bba934253e0fe05b108df25e4df54fba45bfbd68499d1356f7b870f38feee100611754205

  • SSDEEP

    12288:f9tL0gh/mMFDRhmHK1QUZYa8t6mHK1QyEmHK1QFnc9:f9tQDMVRhCK2UZOt6CK2zCK2t+

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Suspicious use of WriteProcessMemory 7 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\7ba5d31b9057662a8925990f02202893.exe
    "C:\Users\Admin\AppData\Local\Temp\7ba5d31b9057662a8925990f02202893.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2912
    • C:\Windows\SysWOW64\WScript.exe
      "C:\Windows\System32\WScript.exe" "C:\Documents and Settings\33.vbs"
      2⤵
        PID:2056

    Network

    MITRE ATT&CK Enterprise v15

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • C:\Documents and Settings\33.vbs
      Filesize

      324B

      MD5

      41e8368767aded380e8b1ab79347ff16

      SHA1

      87fe118cfa9c5f6c567a361781943c4d3342fe67

      SHA256

      a32e9f0fe4836cda1ac3cc4ad24b6ca255a88eeda6767907be041bee58049909

      SHA512

      d3f6ad4cd05dbcfcc8b3adfad029cb66ed149e55d806389b1fc25be7a888b5b49afc555d01675ffd15f894259f3e5202adeb5c1244fd98cd8cda78cfdd227d75

      Download Submit

    • C:\Users\small.exe
      Filesize

      166KB

      MD5

      73d87a656650135c354d4ed098c12d96

      SHA1

      104d42840a7df622390458855dcf53f4b697a833

      SHA256

      74f599382895163701a919e630ee59e8ff99114e400b6f4e0c6a0f6d6f126d04

      SHA512

      6252e4f6bedea3985e534b28cc04b4ca2b5073817f1175d32b8926425d7a0665b59fbb635fa07204ba4a1e86e820ec5ad21dcbcb8243fa860db86462f71e6c4b

      Download Submit