Overview

overview

7

Static

static

3

14bedc6ee2...26.exe

windows7-x64

7

14bedc6ee2...26.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    122s
  • max time network
    129s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    30-12-2023 09:40

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    14bedc6ee29b0642a0132b2dc67efc26.exe

  • Size

    777KB

  • MD5

    14bedc6ee29b0642a0132b2dc67efc26

  • SHA1

    d03c695259bcc1eeb9bf75d9bb9c401fd3571e18

  • SHA256

    2ffd9ef95f36b65e794d48a40b474a25bb8b35e4f028d476765ecf2f11606b63

  • SHA512

    066d5c74780f061af94cae42200da04af5d0d27e1377bbd5c71e32e2d65723fc24c7e4c80363ae91b866c3502904bc138cdc3137a2516b73fdf59b91d865ecd3

  • SSDEEP

    24576:7zXKqa8SEijjC+37li4daoInr1YSfi6HfRG7j//3/L:7z6qaakjC+3s4da1nHzfKv

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 1 IoCs
  • Drops file in Program Files directory 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\14bedc6ee29b0642a0132b2dc67efc26.exe
    "C:\Users\Admin\AppData\Local\Temp\14bedc6ee29b0642a0132b2dc67efc26.exe"
    1⤵
    • Loads dropped DLL
    • Drops file in Program Files directory
    • Suspicious use of WriteProcessMemory
    PID:1244
    • C:\Program Files (x86)\licaa\imyep.exe
      "C:\Program Files (x86)\licaa\imyep.exe"
      2⤵
      • Executes dropped EXE
      PID:2700

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • \Program Files (x86)\licaa\imyep.exe
    Filesize

    787KB

    MD5

    2e61d44a34ef5235be62e3f34d600597

    SHA1

    bb9ce5db54f35c3d96fba526f9d7a8426567b8b1

    SHA256

    56503f6b30defd19330eb97669c1b09b1658db2553a435903d42b4631cd472a0

    SHA512

    1b6ed543de38d3f5b0f6f6327ca978709785434c274377a59c8637ca96b7874c99c1652f74977d33647fe5a997f82a1687d66995f9b159771d3dd3b134b86963

    Download Submit

  • memory/1244-0-0x0000000000400000-0x0000000000494000-memory.dmp

    Filesize

    592KB

    Download

  • memory/1244-1-0x0000000000400000-0x0000000000494000-memory.dmp

    Filesize

    592KB

    Download

  • memory/1244-6-0x0000000000400000-0x0000000000494000-memory.dmp

    Filesize

    592KB

    Download

  • memory/2700-9-0x0000000000400000-0x0000000000494000-memory.dmp

    Filesize

    592KB

    Download

  • memory/2700-10-0x0000000000400000-0x0000000000494000-memory.dmp

    Filesize

    592KB

    Download