Overview

overview

7

Static

static

3

0a507beac5...7e.exe

windows7-x64

7

0a507beac5...7e.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    121s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    30/12/2023, 01:37 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    0a507beac5d39e037c6fc6e6884dbe7e.exe

  • Size

    82KB

  • MD5

    0a507beac5d39e037c6fc6e6884dbe7e

  • SHA1

    a0a8f6c6284a849fcad6bbcf09698c00caae2888

  • SHA256

    ccb44d165559172aab45ec0fc037f4b48b123cc16c35241cc2963d4b6671613d

  • SHA512

    7a696354dec01e79ff7a712786162bb05345ef35cdc400169a06800f74fbba64fd6fc819fb89a1a84bc6a62f0773f98e8c516a2c1d4d7b8e416d90195a846750

  • SSDEEP

    1536:fjqQ/CAtqZYTHoS44+9YUBO4EskCZL+TSF14klYq5qhlUuKY:febIBTN44+meGifJBY

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 1 IoCs
  • Suspicious behavior: RenamesItself 1 IoCs
  • Suspicious use of UnmapMainImage 2 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\0a507beac5d39e037c6fc6e6884dbe7e.exe
    "C:\Users\Admin\AppData\Local\Temp\0a507beac5d39e037c6fc6e6884dbe7e.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious behavior: RenamesItself
    • Suspicious use of UnmapMainImage
    • Suspicious use of WriteProcessMemory
    PID:2052
    • C:\Users\Admin\AppData\Local\Temp\0a507beac5d39e037c6fc6e6884dbe7e.exe
      C:\Users\Admin\AppData\Local\Temp\0a507beac5d39e037c6fc6e6884dbe7e.exe
      2⤵
      • Deletes itself
      • Executes dropped EXE
      • Suspicious use of UnmapMainImage
      PID:2128

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • \Users\Admin\AppData\Local\Temp\0a507beac5d39e037c6fc6e6884dbe7e.exe
    Filesize

    82KB

    MD5

    a2d525634faa3b025efb409280d02455

    SHA1

    4afd25009e43c4ab9795b80a72176df8c0688bc4

    SHA256

    6f3ec7171209bfc249c1188e6144c7540cda118ec33c571de2dbb933f0194b0c

    SHA512

    d07e0ba117789f3ea1114f78c2c39c66c29fb07dad81a7e9f74c811aa92ecb1ffe846ca4bc24549264db765975e5d0d96ab0a4a8cd270975ea525ffee41e8cb3

    Download Submit

  • memory/2052-0-0x0000000000400000-0x000000000042F000-memory.dmp

    Filesize

    188KB

    Download

  • memory/2052-1-0x0000000000400000-0x000000000041B000-memory.dmp

    Filesize

    108KB

    Download

  • memory/2052-5-0x0000000000140000-0x000000000016F000-memory.dmp

    Filesize

    188KB

    Download

  • memory/2052-14-0x0000000000400000-0x000000000041B000-memory.dmp

    Filesize

    108KB

    Download

  • memory/2128-16-0x0000000000400000-0x000000000042F000-memory.dmp

    Filesize

    188KB

    Download

  • memory/2128-18-0x0000000000140000-0x000000000016F000-memory.dmp

    Filesize

    188KB

    Download

  • memory/2128-23-0x0000000000400000-0x000000000040E000-memory.dmp

    Filesize

    56KB

    Download

  • memory/2128-28-0x00000000001B0000-0x00000000001CB000-memory.dmp

    Filesize

    108KB

    Download

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.