Overview

overview

7

Static

static

3

045b362e0e...ea.exe

windows7-x64

7

045b362e0e...ea.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    122s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    29-12-2023 21:23

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    045b362e0e8ed32b5190a134bf93feea.exe

  • Size

    1.9MB

  • MD5

    045b362e0e8ed32b5190a134bf93feea

  • SHA1

    4a367be6d139d2a193ecee8129a97ad83e796eea

  • SHA256

    9563ed5ad61d404c6d6ac3e9f27eaa2cae174bd4ca1661a162ea7e49c7060fd0

  • SHA512

    4decb0c23f586bfc9ce476f1f3d7ef1c644c7fa83d61fa8b56538a698715be95c9bd6043b95f7582df6df83174d1e9dae496c7dd8bfa7d4fe3a3071d7b5096d8

  • SSDEEP

    49152:Qoa1taC070dvBO/KfXOOV3t3z2HfhaklasX:Qoa1taC0SBlfX9T3zUw4asX

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\045b362e0e8ed32b5190a134bf93feea.exe
    "C:\Users\Admin\AppData\Local\Temp\045b362e0e8ed32b5190a134bf93feea.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of WriteProcessMemory
    PID:2124
    • C:\Users\Admin\AppData\Local\Temp\7B86.tmp
      "C:\Users\Admin\AppData\Local\Temp\7B86.tmp" --splashC:\Users\Admin\AppData\Local\Temp\045b362e0e8ed32b5190a134bf93feea.exe 2B0566FB8FB607B1E0DB7AEEA3E38A6B5AA5FCF41ECDC8C6873D26ED6DDBF5D42EC098F34D9F7338FDD1A295F06F8C81C59111F7B3C78C8679BCD098E0C4B6C3
      2⤵
      • Deletes itself
      • Executes dropped EXE
      PID:2252

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\7B86.tmp
    Filesize

    1.9MB

    MD5

    fd817ed06bd33c37fbf015aac4f13038

    SHA1

    7fbd5499feab1b3f158f8e0d5d12a863132a196e

    SHA256

    ab336f7ebc71bbac2fef805317049782039949a55277d2f0353b3e669f4308e8

    SHA512

    c4fe60ef7e7d8a3d5ed694227bfc1c2672fc242bb250b0ec752b44830779b729dc0fa62353d55d9c8645657e79600c99619f1aef61f3225d1ae8aa547bf27b2f

    Download Submit

  • \Users\Admin\AppData\Local\Temp\7B86.tmp
    Filesize

    1.7MB

    MD5

    52943341c606b47e7334be096a46046c

    SHA1

    bb3bd8307a132a42cc8317b2a2359f089e02155b

    SHA256

    50d530b33e92eb13330e4fff56471d7b250ec4e62606deed57c09f45bc663aaf

    SHA512

    9d25e3d6efafe96f06fd1c7f5a7efcc751e2f8d6086c2e99eb8773dc9017f8f2b0b7fcc8c07ac9788785c4e1bdd684d9d2a493f8b0ab7f86d267113e99ba25b1

    Download Submit

  • memory/2124-0-0x0000000000400000-0x00000000005E6000-memory.dmp

    Filesize

    1.9MB

    Download

  • memory/2252-6-0x0000000000400000-0x00000000005E6000-memory.dmp

    Filesize

    1.9MB

    Download