Overview

overview

10

Static

static

10

Samples 6/...ca.exe

windows7-x64

7

Samples 6/...ca.exe

windows10-2004-x64

7

Samples 6/...4e.exe

windows7-x64

10

Samples 6/...4e.exe

windows10-2004-x64

10

Samples 6/...31.exe

windows7-x64

10

Samples 6/...31.exe

windows10-2004-x64

10

Samples 6/...4b.exe

windows7-x64

7

Samples 6/...4b.exe

windows10-2004-x64

7

Samples 6/...1a.exe

windows7-x64

10

Samples 6/...1a.exe

windows10-2004-x64

10

Samples 6/...18.exe

windows7-x64

1

Samples 6/...18.exe

windows10-2004-x64

1

Samples 7/...22.exe

windows7-x64

3

Samples 7/...22.exe

windows10-2004-x64

3

Samples 7/...41.exe

windows7-x64

10

Samples 7/...41.exe

windows10-2004-x64

10

Samples 7/...62.exe

windows7-x64

10

Samples 7/...62.exe

windows10-2004-x64

10

Samples 7/...c5.exe

windows7-x64

10

Samples 7/...c5.exe

windows10-2004-x64

10

Samples 7/...a6.exe

windows7-x64

10

Samples 7/...a6.exe

windows10-2004-x64

10

Samples 7/...64.exe

windows7-x64

10

Samples 7/...64.exe

windows10-2004-x64

10

Samples 7/...a5.exe

windows7-x64

10

Samples 7/...a5.exe

windows10-2004-x64

10

Samples 7/...0d.exe

windows7-x64

10

Samples 7/...0d.exe

windows10-2004-x64

10

Samples 7/...de.exe

windows7-x64

7

Samples 7/...de.exe

windows10-2004-x64

7

Samples 7/...de.exe

windows7-x64

10

Samples 7/...de.exe

windows10-2004-x64

10

Resubmissions

07-01-2024 18:26

240107-w3ameabffn 10

Analysis

  • max time kernel
    117s
  • max time network
    141s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    07-01-2024 18:26

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Samples 7/e5474bdcb0a87bd6c1c74d6a2fd6cff6c8ff913248b84e22c1ef5e82cb6f5cde.exe

  • Size

    414KB

  • MD5

    84b1f23a2a44bba69b9993d7d8f4508d

  • SHA1

    936b40a234c50d16d0ca31d98ae485de14f12d36

  • SHA256

    e5474bdcb0a87bd6c1c74d6a2fd6cff6c8ff913248b84e22c1ef5e82cb6f5cde

  • SHA512

    43e7c621560e1a8284a1c48d67b0b9940d36affb0f41f73c47e9300ac517d853059c827372eeca528d6cb9aba1f267d43e73aa6d6a6d66a740b039397a199e45

  • SSDEEP

    6144:Wucyz4obQmKkWb6ekie+ogU6BYv0znbHKN4BEN58ByW6i0zbcfp3wZhIDsk4ORw3:Wq4w/ekieZgU6u03GU6iScRAnISlx

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\Samples 7\e5474bdcb0a87bd6c1c74d6a2fd6cff6c8ff913248b84e22c1ef5e82cb6f5cde.exe
    "C:\Users\Admin\AppData\Local\Temp\Samples 7\e5474bdcb0a87bd6c1c74d6a2fd6cff6c8ff913248b84e22c1ef5e82cb6f5cde.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of WriteProcessMemory
    PID:2376
    • C:\Users\Admin\AppData\Local\Temp\DA48.tmp
      "C:\Users\Admin\AppData\Local\Temp\DA48.tmp" --helpC:\Users\Admin\AppData\Local\Temp\Samples 7\e5474bdcb0a87bd6c1c74d6a2fd6cff6c8ff913248b84e22c1ef5e82cb6f5cde.exe 1DBB16A5A912D06BD3E5FA43C441682DE9C104BD7A0D0E4380A139655D62F3C5965C0048A8AA44314445DDC54EA6D36118613F84FCEFBF7D45B6363653A95F17
      2⤵
      • Deletes itself
      • Executes dropped EXE
      PID:2668

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • \Users\Admin\AppData\Local\Temp\DA48.tmp
    Filesize

    414KB

    MD5

    26a2ccd3bd350e2451ae28672117ec44

    SHA1

    0d3a3febe8974178d69eeddfe42c1af86b650110

    SHA256

    783cc7c151ffdd96635e1a5224d11a6b5aaf41a72fcb497780bd21771ee707b7

    SHA512

    d84bc1f7b0aa2ad343543874afb4493f3dadfe73b9411af7a94a205a0aa3fa0b48a5eb1b556c141b606a0e8ccf4b214b952f81b2af91e2dff7fa267f7c1d89e7

    Download Submit