Overview

overview

7

Static

static

3

0782dfce56...30.exe

windows7-x64

7

0782dfce56...30.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    151s
  • max time network
    185s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
  • submitted
    29/12/2023, 23:49

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    0782dfce5640ae3bd0dd050c2c94fa30.exe

  • Size

    629KB

  • MD5

    0782dfce5640ae3bd0dd050c2c94fa30

  • SHA1

    c14e5dc0741a99fd231769a0b4666187ce42fb6e

  • SHA256

    afbec4218b1747d735f1e854c70c214d6ff8389d1735750c498b26442ecebd51

  • SHA512

    9d73a6a54bb3033d69906f0ba8a484749d8950a2523e1778ab7ebd5b27b68e1ae7af761b5c09bbe1b6fc1c88b005188cdc95d36e830c2b8a96d0a619ff5c4650

  • SSDEEP

    12288:mGwF8DRXgVPqaoXNoEixlbjDm+3z2AJLDl16ncmg+3y/iVSabkmujifBmt2Cc:7zXKqa8SEijjC+37liXbLbklmfB6c

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Drops file in Program Files directory 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\0782dfce5640ae3bd0dd050c2c94fa30.exe
    "C:\Users\Admin\AppData\Local\Temp\0782dfce5640ae3bd0dd050c2c94fa30.exe"
    1⤵
    • Drops file in Program Files directory
    • Suspicious use of WriteProcessMemory
    PID:1452
    • C:\Program Files (x86)\zqbnpo\vicfvwrniregg.exe
      "C:\Program Files (x86)\zqbnpo\vicfvwrniregg.exe"
      2⤵
      • Executes dropped EXE
      PID:4488

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Program Files (x86)\zqbnpo\vicfvwrniregg.exe
          Filesize

          647KB

          MD5

          d7cee16560a31ae04c8424db682f2f18

          SHA1

          55d1f4a44a55ae3c2ec12b23e11899d674d2b89e

          SHA256

          cb985dd87364eb07112b720c3bf2cd66276a8ac32f8075f25198ec643346a7a4

          SHA512

          5f1e686499e1a192b3bb39d789ba1a345509a1e4d366763013f76ee11780b282596539fe461fa2065207ca3094c6b745f5a4693910b2f2fa1ba46a89c06d3768

          Download Submit

        • memory/1452-0-0x0000000000400000-0x0000000000494000-memory.dmp

          Filesize

          592KB

          Download

        • memory/1452-1-0x0000000000400000-0x0000000000494000-memory.dmp

          Filesize

          592KB

          Download

        • memory/1452-6-0x0000000000400000-0x0000000000494000-memory.dmp

          Filesize

          592KB

          Download

        • memory/4488-7-0x0000000000400000-0x0000000000494000-memory.dmp

          Filesize

          592KB

          Download

        • memory/4488-8-0x0000000000400000-0x0000000000494000-memory.dmp

          Filesize

          592KB

          Download