Overview

overview

8

Static

static

3

1024a9c15f...d9.exe

windows7-x64

1

1024a9c15f...d9.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    150s
  • max time network
    153s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    30/12/2023, 05:36

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    1024a9c15f5162e4ee96531b1e13bdd9.exe

  • Size

    54KB

  • MD5

    1024a9c15f5162e4ee96531b1e13bdd9

  • SHA1

    51ce6484939e91b5c0c40f708fff52189d207708

  • SHA256

    175e69b820fac09e44f8d067115d899dcbc26b1f4c46d7cc71b8841386c255c7

  • SHA512

    2fb2fd7e151db3439468b8f52894759b84b64e6ba3760e4e7a0461ac541e55d86338ff883a7c320338ed5783175b2147f24fba323066f70f3d22d6f4cb669aa1

  • SSDEEP

    768:YU5Qmsqn3fpJ8/f+EDufZJUNL9YTy1t2east7YRpcd2/nqOego9zHd19VmzezClF:1lnIufZAP1t2easWRpFUgizZVxClhH

Score
1/10

Malware Config

Signatures

Processes

  • C:\Users\Admin\AppData\Local\Temp\1024a9c15f5162e4ee96531b1e13bdd9.exe
    "C:\Users\Admin\AppData\Local\Temp\1024a9c15f5162e4ee96531b1e13bdd9.exe"
    1⤵
      PID:2088
      • C:\Windows\SysWOW64\cmd.exe
        cmd /c ""C:\Users\Admin\AppData\Local\Temp\s_g_l_229.bat" "
        2⤵
          PID:1720
          • C:\Windows\SysWOW64\cmd.exe
            C:\Windows\system32\cmd.exe /K C:\Users\Admin\AppData\Roaming\redload\1.bat
            3⤵
              PID:2288

        Network

              MITRE ATT&CK Matrix

              Replay Monitor

              Loading Replay Monitor...

              Downloads

              • C:\Users\Admin\AppData\Local\Temp\cdf1912.tmp
                Filesize

                791B

                MD5

                1706b41fd446b5718a8419c0fcb35d55

                SHA1

                d9bb8df22acdc60c754ac14982cf795df3b1b815

                SHA256

                5c6d11ac3f220f8286455764ab2581dcb6554692d3b9974b097364d77edb3943

                SHA512

                68c9f6170ecdfcc79fc63cb646901d2ac52a915620b159047b2c93761c261897eb5ecc15065635105637a61a840d393104c15ea8268897fb8bb2fbc1a56c626e

                Download Submit

              • C:\Users\Admin\AppData\Local\Temp\s_g_l_229.bat
                Filesize

                54B

                MD5

                504490369970f1c0eb580afbcdf91618

                SHA1

                b52f65cd538e6c998b2c7e3167f9c8e8fa6c7971

                SHA256

                a13a0579286521f0d7cb55fc7d28c6d33f14c0573e9e69f7584fa4008a8e7d43

                SHA512

                5495ce79abf0fc4ffbfaf9aefa484145f4e0d3e8457be0e2e4dfb1284fb5413016f2d9867e2386db5c4f7b51863bfffeae8ea6bd879053fdf6a928ab2a0857ad

                Download Submit

              • memory/2088-0-0x0000000000A10000-0x0000000000A35000-memory.dmp

                Filesize

                148KB

                Download

              • memory/2088-2-0x0000000000020000-0x0000000000023000-memory.dmp

                Filesize

                12KB

                Download

              • memory/2088-5-0x0000000000A10000-0x0000000000A35000-memory.dmp

                Filesize

                148KB

                Download

              • memory/2088-37-0x00000000023A0000-0x00000000023AE000-memory.dmp

                Filesize

                56KB

                Download