Overview

overview

7

Static

static

3

1009aea6ce...a6.exe

windows7-x64

7

1009aea6ce...a6.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    138s
  • max time network
    182s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
  • submitted
    30/12/2023, 05:30

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    1009aea6ce46eec64a2449f02da62ea6.exe

  • Size

    1.9MB

  • MD5

    1009aea6ce46eec64a2449f02da62ea6

  • SHA1

    753b7d0c2fb23ddf24b4fe77cf71ce33facd7b1c

  • SHA256

    79c8b1355addc32662bcdd0f0239801cbe672463052f66ed57482a82c3a6ff0c

  • SHA512

    849cd50c103970fcbeb33aedcf1ec8eeb46fe8589b3ce1d8ba8cc7cfa26c883a313a7143331bd8c67ee1468e956206be994452ee1a04a24de789312badaf7e55

  • SSDEEP

    49152:Qoa1taC070dNFafm8DW9yWoXvTc6z8Zi4ktMVbxr:Qoa1taC0Cv6W8WofTchZwMH

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\1009aea6ce46eec64a2449f02da62ea6.exe
    "C:\Users\Admin\AppData\Local\Temp\1009aea6ce46eec64a2449f02da62ea6.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2040
    • C:\Users\Admin\AppData\Local\Temp\67FC.tmp
      "C:\Users\Admin\AppData\Local\Temp\67FC.tmp" --splashC:\Users\Admin\AppData\Local\Temp\1009aea6ce46eec64a2449f02da62ea6.exe 7685E74BB416A9BDE84D04669709D0B277DBA7CE8DBF312D35C34FC3371A403F957EE036053DD301F50CE23202EA2C0AB5396B6484DD64603CBA5FC35671E8A1
      2⤵
      • Deletes itself
      • Executes dropped EXE
      PID:2972

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\Local\Temp\67FC.tmp
          Filesize

          1.9MB

          MD5

          2de9b5fe6cde807c4a96b1ec960b626b

          SHA1

          9e1a2a7349bc852b4044ad01584bb33bce4038d1

          SHA256

          6dc1736c9f91f2135ecdf66c5b4bd6512f257d5aeb2003c4e9a15cff52334d7b

          SHA512

          653c43b9918d126b21f6817c5a2ce3981f19bee5cad6f4db84600c38ad0d41b1f69cb769532f7fcce1b09dc76c1b33c420aaa6646b6b3f352badb7036901036b

          Download Submit

        • memory/2040-0-0x0000000000400000-0x00000000005E6000-memory.dmp

          Filesize

          1.9MB

          Download

        • memory/2972-5-0x0000000000400000-0x00000000005E6000-memory.dmp

          Filesize

          1.9MB

          Download