Overview

overview

7

Static

static

3

1983fb10d5...9a.exe

windows7-x64

7

1983fb10d5...9a.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    146s
  • max time network
    150s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231222-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231222-enlocale:en-usos:windows10-2004-x64system
  • submitted
    30/12/2023, 13:09

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    1983fb10d5cd4114274b108688e6ad9a.exe

  • Size

    1.0MB

  • MD5

    1983fb10d5cd4114274b108688e6ad9a

  • SHA1

    d0477a9b453cdfb6b491403e1877fedf05d371a9

  • SHA256

    aa8aa4d07b7908567da52a7c08a5929cbe499f5dcbe15f9fef0a7eb26500a9fd

  • SHA512

    ad1c5acdc2cf60ebe63e7ea39f989d813abee0207a064870ab001be4c56c7e10cb23272a818b3e862ac0c8bef91a44a77c305284715d21fbb07ae1c2a04cab06

  • SSDEEP

    24576:qKeyxTAJj7PZFK30B3I9ILWDdhVL0OOsIF5UsYv:qKeyRAwEB3w7DOZLUsG

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Drops file in Program Files directory 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\1983fb10d5cd4114274b108688e6ad9a.exe
    "C:\Users\Admin\AppData\Local\Temp\1983fb10d5cd4114274b108688e6ad9a.exe"
    1⤵
    • Drops file in Program Files directory
    • Suspicious use of WriteProcessMemory
    PID:4736
    • C:\Program Files (x86)\mmlkknp\mhux.exe
      "C:\Program Files (x86)\mmlkknp\mhux.exe"
      2⤵
      • Executes dropped EXE
      PID:1852

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Program Files (x86)\mmlkknp\mhux.exe
    Filesize

    1024KB

    MD5

    00fd2ca25c5ccba67a4c93a12c81dd2a

    SHA1

    3491b94e4a08b43844137e50480ebeed46fb49d8

    SHA256

    19b8c64f694f95ca16df3cba8e0c7dfa7a55b20743a5402c6fd687caa7e72972

    SHA512

    ea3c604703b6898a29ee0ef32d0386ebbec9ce06cd72c16fa696269560ed32239b29f99741950c0fe169b66e4bb713dece93decef2382aaefffcd53aa0e2a275

    Download Submit

  • C:\Program Files (x86)\mmlkknp\mhux.exe
    Filesize

    502KB

    MD5

    1347c3a9ca1b98c6188867e8d1853184

    SHA1

    c8a4326b18c63874b2494e6edcf18d388452e708

    SHA256

    4ea01305ccf54f8cc84e70782adddad6d0c885a99ca135ee53c95cb6f41f56da

    SHA512

    3f827b9b47cfb1dbae80f94ac09b7f0cc5e85df9b3cea0cbad50fa4e5543bb31114b551d761e3123d9f8c835eca61a415ec790394653c7e54c1025806fbda75d

    Download Submit

  • memory/1852-9-0x0000000000400000-0x0000000000494000-memory.dmp

    Filesize

    592KB

    Download

  • memory/1852-8-0x0000000000400000-0x0000000000494000-memory.dmp

    Filesize

    592KB

    Download

  • memory/4736-0-0x0000000000400000-0x0000000000494000-memory.dmp

    Filesize

    592KB

    Download

  • memory/4736-1-0x0000000000400000-0x0000000000494000-memory.dmp

    Filesize

    592KB

    Download

  • memory/4736-6-0x0000000000400000-0x0000000000494000-memory.dmp

    Filesize

    592KB

    Download