Overview

overview

10

Static

static

10

Samples 6/...ca.exe

windows7-x64

7

Samples 6/...ca.exe

windows10-2004-x64

7

Samples 6/...4e.exe

windows7-x64

10

Samples 6/...4e.exe

windows10-2004-x64

10

Samples 6/...31.exe

windows7-x64

10

Samples 6/...31.exe

windows10-2004-x64

10

Samples 6/...4b.exe

windows7-x64

7

Samples 6/...4b.exe

windows10-2004-x64

7

Samples 6/...1a.exe

windows7-x64

10

Samples 6/...1a.exe

windows10-2004-x64

10

Samples 6/...18.exe

windows7-x64

1

Samples 6/...18.exe

windows10-2004-x64

1

Samples 7/...22.exe

windows7-x64

3

Samples 7/...22.exe

windows10-2004-x64

3

Samples 7/...41.exe

windows7-x64

10

Samples 7/...41.exe

windows10-2004-x64

10

Samples 7/...62.exe

windows7-x64

10

Samples 7/...62.exe

windows10-2004-x64

10

Samples 7/...c5.exe

windows7-x64

10

Samples 7/...c5.exe

windows10-2004-x64

10

Samples 7/...a6.exe

windows7-x64

10

Samples 7/...a6.exe

windows10-2004-x64

10

Samples 7/...64.exe

windows7-x64

10

Samples 7/...64.exe

windows10-2004-x64

10

Samples 7/...a5.exe

windows7-x64

10

Samples 7/...a5.exe

windows10-2004-x64

10

Samples 7/...0d.exe

windows7-x64

10

Samples 7/...0d.exe

windows10-2004-x64

10

Samples 7/...de.exe

windows7-x64

7

Samples 7/...de.exe

windows10-2004-x64

7

Samples 7/...de.exe

windows7-x64

10

Samples 7/...de.exe

windows10-2004-x64

10

Resubmissions

07-01-2024 18:26

240107-w3ameabffn 10

Analysis

  • max time kernel
    136s
  • max time network
    205s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
  • submitted
    07-01-2024 18:26

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Samples 7/e5474bdcb0a87bd6c1c74d6a2fd6cff6c8ff913248b84e22c1ef5e82cb6f5cde.exe

  • Size

    414KB

  • MD5

    84b1f23a2a44bba69b9993d7d8f4508d

  • SHA1

    936b40a234c50d16d0ca31d98ae485de14f12d36

  • SHA256

    e5474bdcb0a87bd6c1c74d6a2fd6cff6c8ff913248b84e22c1ef5e82cb6f5cde

  • SHA512

    43e7c621560e1a8284a1c48d67b0b9940d36affb0f41f73c47e9300ac517d853059c827372eeca528d6cb9aba1f267d43e73aa6d6a6d66a740b039397a199e45

  • SSDEEP

    6144:Wucyz4obQmKkWb6ekie+ogU6BYv0znbHKN4BEN58ByW6i0zbcfp3wZhIDsk4ORw3:Wq4w/ekieZgU6u03GU6iScRAnISlx

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\Samples 7\e5474bdcb0a87bd6c1c74d6a2fd6cff6c8ff913248b84e22c1ef5e82cb6f5cde.exe
    "C:\Users\Admin\AppData\Local\Temp\Samples 7\e5474bdcb0a87bd6c1c74d6a2fd6cff6c8ff913248b84e22c1ef5e82cb6f5cde.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:4616
    • C:\Users\Admin\AppData\Local\Temp\EFBA.tmp
      "C:\Users\Admin\AppData\Local\Temp\EFBA.tmp" --helpC:\Users\Admin\AppData\Local\Temp\Samples 7\e5474bdcb0a87bd6c1c74d6a2fd6cff6c8ff913248b84e22c1ef5e82cb6f5cde.exe 232F6D16EDB0FB5B5DD324EFD59D8969FDB01C9B7A440A3BC9002191F436E2F44CC6CC32455ED41EAF074D9007E16ED9D256C9F143DB801450001EAA6F33B296
      2⤵
      • Deletes itself
      • Executes dropped EXE
      PID:3744

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\EFBA.tmp
    Filesize

    414KB

    MD5

    ec2efd651a145fcc53b4ee22a0cf153b

    SHA1

    ced3707f13a702c21190d2e1c7605bf9e60f904b

    SHA256

    cc1a22bee482343363179d45337a4ff400091f2356c7e74cfec17efd8e25f54a

    SHA512

    93fd27b92b9cf2415421b286de27179e68db81d8a48b1f5461ec54962b74c0f3dc4e733eec7c13356032f016fb32d4107b2bdcd950f50cd61eac9ed5dd37340f

    Download Submit