Overview

overview

7

Static

static

3

168cc96cb8...bc.exe

windows7-x64

7

168cc96cb8...bc.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    118s
  • max time network
    124s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    30/12/2023, 10:57

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    168cc96cb8d54d3eb3109aad2f1c36bc.exe

  • Size

    84KB

  • MD5

    168cc96cb8d54d3eb3109aad2f1c36bc

  • SHA1

    f50c5881c7f75e053f45dccad638048b2d6c6ce0

  • SHA256

    77d15b1f4c9cfdd23fc19fa447c790f0ca23e52160dd5a6997a599e7ff2c65a5

  • SHA512

    ec3b84461c3f36ba77b9b59a6495e367b5ed9915413557d6499a07668de0ca1216b5f184838410a0281ed88bdd48af5ef5255d5e05f3a8707b51f6b4406156b1

  • SSDEEP

    1536:D34XAL6OBb2040cFyPHK7v8KbqZirmN5h0eYHoZ9Da9+X4ok8VAyqRyqHm:D34XAL6ON940cFyPq7v8eqZirmN5qH+F

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 1 IoCs
  • Suspicious behavior: RenamesItself 1 IoCs
  • Suspicious use of UnmapMainImage 2 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\168cc96cb8d54d3eb3109aad2f1c36bc.exe
    "C:\Users\Admin\AppData\Local\Temp\168cc96cb8d54d3eb3109aad2f1c36bc.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious behavior: RenamesItself
    • Suspicious use of UnmapMainImage
    • Suspicious use of WriteProcessMemory
    PID:2184
    • C:\Users\Admin\AppData\Local\Temp\168cc96cb8d54d3eb3109aad2f1c36bc.exe
      C:\Users\Admin\AppData\Local\Temp\168cc96cb8d54d3eb3109aad2f1c36bc.exe
      2⤵
      • Deletes itself
      • Executes dropped EXE
      • Suspicious use of UnmapMainImage
      PID:2816

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • \Users\Admin\AppData\Local\Temp\168cc96cb8d54d3eb3109aad2f1c36bc.exe
          Filesize

          84KB

          MD5

          16bc38f7df29785ac07e3e014d49ab2d

          SHA1

          22be061b406db1023f5737ac344e52ee133d4100

          SHA256

          76b679c7bdbbe5da32d0a811c039c453972c76a65ac6558d286af32753dbbd81

          SHA512

          eecce2d1a187540a2ce500f9775170e20792219e5f77885218e147e96897b7b7bcf77fd08a83e88db4f630320d8e404fdfabde7e384d2f179e8516ef24c25f7d

          Download Submit

        • memory/2184-0-0x0000000000400000-0x000000000042F000-memory.dmp

          Filesize

          188KB

          Download

        • memory/2184-1-0x00000000000D0000-0x00000000000FF000-memory.dmp

          Filesize

          188KB

          Download

        • memory/2184-2-0x0000000000400000-0x000000000041B000-memory.dmp

          Filesize

          108KB

          Download

        • memory/2184-11-0x00000000001A0000-0x00000000001CF000-memory.dmp

          Filesize

          188KB

          Download

        • memory/2184-15-0x0000000000400000-0x000000000041B000-memory.dmp

          Filesize

          108KB

          Download

        • memory/2816-17-0x00000000001D0000-0x00000000001FF000-memory.dmp

          Filesize

          188KB

          Download

        • memory/2816-23-0x0000000000400000-0x000000000040E000-memory.dmp

          Filesize

          56KB

          Download

        • memory/2816-28-0x0000000000330000-0x000000000034B000-memory.dmp

          Filesize

          108KB

          Download