Overview

overview

7

Static

static

3

bdfd4fccf3...c4.exe

windows7-x64

7

bdfd4fccf3...c4.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    141s
  • max time network
    149s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
  • submitted
    18-01-2024 11:55

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    bdfd4fccf39a96d88a4d18fa49007fdd32242fdbcd7d62f8a31c66ae79c070c4.exe

  • Size

    13.9MB

  • MD5

    c16faa6f45e736428166ca5e5cfa6e27

  • SHA1

    8c9aa7ec4e4196b99a060313a2f9b876fc7e16a5

  • SHA256

    bdfd4fccf39a96d88a4d18fa49007fdd32242fdbcd7d62f8a31c66ae79c070c4

  • SHA512

    dfcdd203771e2c3d4d4df1c6e71cf64e9610b90676cae4e97e85da518ffa1167cc53c550244e7900338831fcbdbb2de5d28831654b4c70e648281a4552ea8e43

  • SSDEEP

    393216:ftt7Oofj4eT8wobf4vhM7r3BkIgyCnuQ7:ftt7bLH8wobShM7tDSN7

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\bdfd4fccf39a96d88a4d18fa49007fdd32242fdbcd7d62f8a31c66ae79c070c4.exe
    "C:\Users\Admin\AppData\Local\Temp\bdfd4fccf39a96d88a4d18fa49007fdd32242fdbcd7d62f8a31c66ae79c070c4.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:4388
    • C:\Users\Admin\AppData\Local\Temp\is-N8FAI.tmp\bdfd4fccf39a96d88a4d18fa49007fdd32242fdbcd7d62f8a31c66ae79c070c4.tmp
      "C:\Users\Admin\AppData\Local\Temp\is-N8FAI.tmp\bdfd4fccf39a96d88a4d18fa49007fdd32242fdbcd7d62f8a31c66ae79c070c4.tmp" /SL5="$6017E,13614645,1002496,C:\Users\Admin\AppData\Local\Temp\bdfd4fccf39a96d88a4d18fa49007fdd32242fdbcd7d62f8a31c66ae79c070c4.exe"
      2⤵
      • Executes dropped EXE
      PID:920

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\is-N8FAI.tmp\bdfd4fccf39a96d88a4d18fa49007fdd32242fdbcd7d62f8a31c66ae79c070c4.tmp
    Filesize

    3.2MB

    MD5

    cbc03b95e90872c23fcddefa12ea67fe

    SHA1

    219c9de358da713f3fac8fdc285551878db80586

    SHA256

    ad035969a298dc2d72f485581b5611b2601bb7c03ed6bf567159aa44bf8bed32

    SHA512

    2fc1fdcbfcdc6b3eb86ec588c6ddbc28eb1024a1efc0194fe5de249ad423754c052d905b23ffd05fbee23ead8ced9cb4af6d10960932ebfd58bc9e7cba6dfc10

    Download Submit

  • memory/920-5-0x0000000000A50000-0x0000000000A51000-memory.dmp

    Filesize

    4KB

    Download

  • memory/920-8-0x0000000000400000-0x000000000073D000-memory.dmp

    Filesize

    3.2MB

    Download

  • memory/920-11-0x0000000000A50000-0x0000000000A51000-memory.dmp

    Filesize

    4KB

    Download

  • memory/4388-0-0x0000000000400000-0x0000000000502000-memory.dmp

    Filesize

    1.0MB

    Download

  • memory/4388-7-0x0000000000400000-0x0000000000502000-memory.dmp

    Filesize

    1.0MB

    Download