Overview

overview

4

Static

static

3

559951f740...7e.exe

windows7-x64

4

559951f740...7e.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    120s
  • max time network
    124s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    12/01/2024, 05:19

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    559951f740a26c52170ef8da1e91257e.exe

  • Size

    408KB

  • MD5

    559951f740a26c52170ef8da1e91257e

  • SHA1

    e5f163ab4d6c331fb4212049d20f905b35975fc1

  • SHA256

    133ad3f0be843f7af63d2335c28c7771421401cac8debe20a639155ab026d788

  • SHA512

    59993131954a70117808e65d63acff90663168df114e9ceca0383c356ced88c52ebebdd139de9ab7c7ea2a2db5c2582762d0cdd4a6129180b4e417254af96ea3

  • SSDEEP

    12288:CwTmx44QelGua3+cDzlIOfMzmVGH0lGcDNsPi3:CesqQGZTfXGH0lHJoi

Score
4/10

Malware Config

Signatures

  • Drops file in Windows directory 5 IoCs
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Suspicious behavior: EnumeratesProcesses 58 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\559951f740a26c52170ef8da1e91257e.exe
    "C:\Users\Admin\AppData\Local\Temp\559951f740a26c52170ef8da1e91257e.exe"
    1⤵
    • Drops file in Windows directory
    • Suspicious behavior: EnumeratesProcesses
    PID:2956

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\M2VO416U\05[1].htm
    Filesize

    342B

    MD5

    a57c63da05f4c82c5625ab02eca24259

    SHA1

    bcb595be50071f1f320b3df1acebb715f13d38aa

    SHA256

    4cb7e20f648db6ef7ae1f8fdf5256009e00770241303d10a1fa20114b75382a2

    SHA512

    34740ce4f2959a5e7207e77d44264f50eb172b03a6a2352cb7cc56e4f4b589f8669cdba56e7940cfa411f9ff64f0a5391c07f57b3d53422fcee7bf89e238da7b

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\M2VO416U\Q3RPATKF.htm
    Filesize

    326B

    MD5

    9e3a201251f6b5e58485f0ed9e150698

    SHA1

    005d9a6d92506b92ee36e0632d7d683239a50868

    SHA256

    dfa437c5ff2db679f3b7e44af2a300aa42a65eaa08afd183f1d389763bd67515

    SHA512

    5d381af7bf7798994f9e97890f7059c5ef79b2ff2d26b8ecaf858d39d74723282da360564bb7d23a44ec2e6e5a11fa254f6872ece9002a33c3225bcd4f4d15e8

    Download Submit

  • C:\Windows\MicrosoftUpdate1.exe
    Filesize

    51KB

    MD5

    865783b8c63068fa10b7132427344887

    SHA1

    778c604db17162d99a04c251e8494c2169c34c19

    SHA256

    b5d5de5126748985e3857b0f5dc1e49463f078cde1c915d6c11fbe5687cfd182

    SHA512

    79062a8f7ff6f759c43213e8ea794d32a993b3cb6cb7b482a32ba11344b477156a143e3fe8419a2da299535fefb72867358e7344f7ffaa6296073930c2684bd0

    Download Submit

  • memory/2956-0-0x00000000001B0000-0x00000000001B1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2956-18-0x0000000000400000-0x000000000046D000-memory.dmp

    Filesize

    436KB

    Download

  • memory/2956-37-0x0000000000400000-0x000000000046D000-memory.dmp

    Filesize

    436KB

    Download

  • memory/2956-38-0x00000000001B0000-0x00000000001B1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2956-48-0x0000000000400000-0x000000000046D000-memory.dmp

    Filesize

    436KB

    Download

  • memory/2956-49-0x0000000000400000-0x000000000046D000-memory.dmp

    Filesize

    436KB

    Download