Overview

overview

7

Static

static

3

3b763465d1...b0.exe

windows7-x64

7

3b763465d1...b0.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    1s
  • max time network
    12s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
  • submitted
    01/01/2024, 00:33

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    3b763465d1e23fb99e861998d78a62b0.exe

  • Size

    331KB

  • MD5

    3b763465d1e23fb99e861998d78a62b0

  • SHA1

    7e4928b4fae01310607aa1557de19190093938ed

  • SHA256

    dd134a3bd1c5e5a1693011156eb55ee07507eb916ede1fa13fe1ae1812cb5d66

  • SHA512

    622f88df2031629834276f97707572669889292e444316d19206db151fad053216af0642acb85ffd6e4ae39040688db3a1e0b64084d30ef0b199b41dba0ce711

  • SSDEEP

    6144:5ue2DpK65NgBESC2LtT/FEy0/eA/YsnR7byCB3ebwtIMVahGkiJohoP:5utpK4NGjziyhaRRgbbQku

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\3b763465d1e23fb99e861998d78a62b0.exe
    "C:\Users\Admin\AppData\Local\Temp\3b763465d1e23fb99e861998d78a62b0.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1736
    • C:\Users\Admin\AppData\Local\Temp\JOA4E10.exe
      C:\Users\Admin\AppData\Local\Temp\JOA4E10.exe
      2⤵
      • Executes dropped EXE
      PID:5008

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\JOA4E10.exe
    Filesize

    92KB

    MD5

    a508055cf62be71b10d3521e068d3fed

    SHA1

    480b9daea09134a3dde2d5cf213f8695533accf5

    SHA256

    16e8d14e89e3c091e7db555bfe8274242ce7924d2309ba41b6313d4fbcec5dbd

    SHA512

    90eb6a44d9eac133b1f62c1abbecc2c357d2da40a421f68773d1258c7654ec4b42803131721b683302e388b19e73fc895f15fc435a03a40616b3a94e9ab09f4b

    Download Submit

  • memory/5008-5-0x0000000002520000-0x0000000002542000-memory.dmp

    Filesize

    136KB

    Download

  • memory/5008-4-0x0000000000400000-0x000000000042B000-memory.dmp

    Filesize

    172KB

    Download

  • memory/5008-6-0x0000000000400000-0x000000000042B000-memory.dmp

    Filesize

    172KB

    Download