Overview

overview

7

Static

static

3

224fa05222...46.exe

windows7-x64

7

224fa05222...46.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    170s
  • max time network
    191s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
  • submitted
    31/12/2023, 00:54

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    224fa05222eaa47c7925eba7aa07c846.exe

  • Size

    1.9MB

  • MD5

    224fa05222eaa47c7925eba7aa07c846

  • SHA1

    73dd1c8220171f9d5f9688ce71d5bfeb42ae6d8d

  • SHA256

    74ee02298a55dc65010416af2dbb7250c6b0801fa70a4348224a7f7698bebf21

  • SHA512

    494ad61bb11ee48c6398f07d48d1b96ae24402184afdd84008fd11a5d5a28c3db4863dc356a1bfa2183374ca96d367b6884e064fb47d92b991a1455bb5a7deaf

  • SSDEEP

    49152:Qoa1taC070d7E/knXgxNs/+ADAfAJxHFh:Qoa1taC0yEeXgDs/+ADAfA3Hz

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\224fa05222eaa47c7925eba7aa07c846.exe
    "C:\Users\Admin\AppData\Local\Temp\224fa05222eaa47c7925eba7aa07c846.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:4440
    • C:\Users\Admin\AppData\Local\Temp\FBD5.tmp
      "C:\Users\Admin\AppData\Local\Temp\FBD5.tmp" --splashC:\Users\Admin\AppData\Local\Temp\224fa05222eaa47c7925eba7aa07c846.exe ABED756AEF10D9958D097C952F6A81ABC6430E3988501CCB1EC91EE69D85EDED4B6E9BC59AD7A7CA2CFA81CEB440143AECEAE33F6ACBDB9887E341271211E695
      2⤵
      • Deletes itself
      • Executes dropped EXE
      PID:3832

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\FBD5.tmp
    Filesize

    316KB

    MD5

    ed52916b5adf974fa8a7f694cc46bd00

    SHA1

    4ee5db0d4f484be625cc2a561b0d821e1b938de0

    SHA256

    803e3413a3a1297bb17cbb39bade09760a1aeedf79def9a54ca5e6f245a89222

    SHA512

    558fed496924fed750fd6e3351aaccb76c975687ab572d44d0c7f2993b3de9d8f0d2f3e3a4b2aae841ae467e3eff1d02cc88b7de62c8408d1d259c54ea9ea98e

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\FBD5.tmp
    Filesize

    325KB

    MD5

    eb76faead9025c0c575b5188cf416462

    SHA1

    302e905907034d65f9d6661c555044cd3fa01dcd

    SHA256

    01d6cedac80507f1cdcb009adc06964e70f37be318522c830fe709e910b46190

    SHA512

    d33df7e53cced8de60f40dda7915061c8ddacb70907cd81fccfe8dcf1498df2c72bc5ccf5dab90a3e66eeb27bd19b660894c2ef50cc6f1c9920a97c32a3d3e1c

    Download Submit

  • memory/3832-5-0x0000000000400000-0x00000000005E6000-memory.dmp

    Filesize

    1.9MB

    Download

  • memory/4440-0-0x0000000000400000-0x00000000005E6000-memory.dmp

    Filesize

    1.9MB

    Download