Overview

overview

10

Static

static

10

samples (2).zip

windows7-x64

1

samples (2).zip

windows10-2004-x64

1

04035f6fdd...f9.exe

windows7-x64

9

04035f6fdd...f9.exe

windows10-2004-x64

7

0ed3c87ce3...07.exe

windows7-x64

4

0ed3c87ce3...07.exe

windows10-2004-x64

1

1ce291b079...c9.exe

windows7-x64

7

1ce291b079...c9.exe

windows10-2004-x64

1

30e66f95b4...49.exe

windows7-x64

8

30e66f95b4...49.exe

windows10-2004-x64

8

335160bee7...cf.exe

windows7-x64

10

335160bee7...cf.exe

windows10-2004-x64

10

3d7dd597a4...67.exe

windows7-x64

1

3d7dd597a4...67.exe

windows10-2004-x64

7

42dcc46f9d...46.exe

windows7-x64

9

42dcc46f9d...46.exe

windows10-2004-x64

8

4fcaca23e9...f2.exe

windows7-x64

10

4fcaca23e9...f2.exe

windows10-2004-x64

10

5994300c1c...a7.exe

windows7-x64

10

5994300c1c...a7.exe

windows10-2004-x64

9

627a5569d4...e3.exe

windows7-x64

7

627a5569d4...e3.exe

windows10-2004-x64

10

kf12.pyc

windows7-x64

3

kf12.pyc

windows10-2004-x64

1

63fa775052...2f.exe

windows7-x64

1

63fa775052...2f.exe

windows10-2004-x64

1

645b8dfe73...79.exe

windows7-x64

1

645b8dfe73...79.exe

windows10-2004-x64

1

64862ec699...1b.exe

windows7-x64

9

64862ec699...1b.exe

windows10-2004-x64

10

741d75a02d...5e.exe

windows7-x64

10

741d75a02d...5e.exe

windows10-2004-x64

10

Resubmissions

18-04-2024 18:50

240418-xha8wabh29 10

01-01-2024 15:12

240101-slnwxsfeh4 10

Analysis

  • max time kernel
    7s
  • max time network
    44s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    01-01-2024 15:12

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    627a5569d47d6c66be6888e4f68f0a50e491404a08da1a7d9242c2d29e3e8ee3.exe

  • Size

    31.9MB

  • MD5

    446fb9d942879e16c30b4cdd4cfca25f

  • SHA1

    15db57519b54475ca7961a558806c6c49df85d5a

  • SHA256

    627a5569d47d6c66be6888e4f68f0a50e491404a08da1a7d9242c2d29e3e8ee3

  • SHA512

    14ec30f91f678fe0ae4b3d681389f4f5a5a01ea2b0cfaf7835025206bde8589f78e3a3a1308089c3331d650ee539ed9dbe723ca7edc72cb3b1996ef7b1d0ad6f

  • SSDEEP

    786432:k+yF8WWxUdUd1LRphkc3FphBWGlso5EYW8GUCUEDDu4Kucccd8:WF8WWxUUddRzFphBZd5E7UCpDfm

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 7 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\627a5569d47d6c66be6888e4f68f0a50e491404a08da1a7d9242c2d29e3e8ee3.exe
    "C:\Users\Admin\AppData\Local\Temp\627a5569d47d6c66be6888e4f68f0a50e491404a08da1a7d9242c2d29e3e8ee3.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2568
    • C:\Users\Admin\AppData\Local\Temp\627a5569d47d6c66be6888e4f68f0a50e491404a08da1a7d9242c2d29e3e8ee3.exe
      "C:\Users\Admin\AppData\Local\Temp\627a5569d47d6c66be6888e4f68f0a50e491404a08da1a7d9242c2d29e3e8ee3.exe"
      2⤵
      • Loads dropped DLL
      PID:2080

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\_MEI25682\api-ms-win-core-timezone-l1-1-0.dll
    MD5

    d41d8cd98f00b204e9800998ecf8427e

    SHA1

    da39a3ee5e6b4b0d3255bfef95601890afd80709

    SHA256

    e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

    SHA512

    cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\_MEI25682\ucrtbase.dll
    Filesize

    35KB

    MD5

    858199b9e59beeb406805c7af30ec610

    SHA1

    1d500f155a182950aabfab7f6db4d584d7f5b418

    SHA256

    0e356a493791621b2a9f2f0c731460f926d38d4d98e243010a90bdc709154773

    SHA512

    792e29889ff851d5de87e341793f6bce8802b5da65bfaa7242f86759eb2bccf23951ef37116a693168ae2d1cd37c99c8aca1066acdb9dad114a51a31b110c7a9

    Download Submit

  • \Users\Admin\AppData\Local\Temp\_MEI25682\ucrtbase.dll
    Filesize

    21KB

    MD5

    f267aa74d31462f910b45001346355c7

    SHA1

    dbb59eca49559c26425e36120c1f054c39977363

    SHA256

    15d231a8df48dc51c199238002a3cadd1afe8cd6fa12b13dc85274aa8934d14a

    SHA512

    4b81d26d68eace8b681226340b68bd4d220e6aca20e0b830d03b87f6fb302e958e33af9677236ee327f37bb155195038cc1b89b99dc76039897dde60bf1d9157

    Download Submit