Overview

overview

7

Static

static

3

4602799173...9b.exe

windows7-x64

7

4602799173...9b.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    152s
  • max time network
    159s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
  • submitted
    06/01/2024, 10:35

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    460279917378f6c0d31431a3aff4859b.exe

  • Size

    1.9MB

  • MD5

    460279917378f6c0d31431a3aff4859b

  • SHA1

    9274c1e77cf110c797ee41d42e10fc22ce67af70

  • SHA256

    55311852a803653c620f8a0b344d5d95981846bcaefb10dac7500cfd80756d36

  • SHA512

    dbdc90b64331c798d189634bd5a10285097a2beb65728f450f1b9ad5be71575e935b4cc66507b9064d905155e315ec37221b1b6473709bb76e58bb87e80deb14

  • SSDEEP

    49152:Qoa1taC070dOp1uLtYmT+KflwKblhsjESzm5vSF:Qoa1taC0j/uxYk+K2wlhsjEzO

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\460279917378f6c0d31431a3aff4859b.exe
    "C:\Users\Admin\AppData\Local\Temp\460279917378f6c0d31431a3aff4859b.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:4216
    • C:\Users\Admin\AppData\Local\Temp\D4D4.tmp
      "C:\Users\Admin\AppData\Local\Temp\D4D4.tmp" --splashC:\Users\Admin\AppData\Local\Temp\460279917378f6c0d31431a3aff4859b.exe 6DCCC4F73464C1050978BC89979399E9D49E750E1D1CD22A8640405FEA1E9E8C28FE2C4FAD7C379A939D57A51B813B23A57235C4A81B599A8998A2E58404EBC7
      2⤵
      • Deletes itself
      • Executes dropped EXE
      PID:1016

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\D4D4.tmp
    Filesize

    1.9MB

    MD5

    d853946996b9e673b6c3f1d1d50b2860

    SHA1

    36a06206906920da73b6b16365fd55e766559927

    SHA256

    78eeb638809046d9b8eb51a26c34a972619c020a58dc451c31571d4e22c1a836

    SHA512

    ee804316dc282c0dc456032b72199da003baf69af31061a1d457c6c59c2086585ae95aef256475ccf2fdbadf5b383f7aa62cb16038578b880f6aacd65a9c2cd0

    Download Submit

  • memory/1016-5-0x0000000000400000-0x00000000005E6000-memory.dmp

    Filesize

    1.9MB

    Download

  • memory/4216-0-0x0000000000400000-0x00000000005E6000-memory.dmp

    Filesize

    1.9MB

    Download