Overview

overview

7

Static

static

3

65a726dc45...84.exe

windows7-x64

7

65a726dc45...84.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    122s
  • max time network
    126s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    18/01/2024, 17:51

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    65a726dc453ce1eb5b0ff24494541c84.exe

  • Size

    1.9MB

  • MD5

    65a726dc453ce1eb5b0ff24494541c84

  • SHA1

    c5ac4f662479f3edfd7d2902632241697a6705c8

  • SHA256

    1ab3ff388c0ce70a0083af5ec6e524e3bd33c11690b0f983570e5e4d9feef432

  • SHA512

    52b99722c6b9eb68402001fd3396b5e8e6a4b95e5cda8d45cb9d2a1c735fab84d073a70b389b8743388ce7b67cf557620633b0e5aab19435ab2048f887570a27

  • SSDEEP

    49152:Qoa1taC070d8iINNlefTIiIkGi7AL1Zgv/OvZF:Qoa1taC0JNlefTIiIti7UZC2v

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\65a726dc453ce1eb5b0ff24494541c84.exe
    "C:\Users\Admin\AppData\Local\Temp\65a726dc453ce1eb5b0ff24494541c84.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of WriteProcessMemory
    PID:1212
    • C:\Users\Admin\AppData\Local\Temp\4A2A.tmp
      "C:\Users\Admin\AppData\Local\Temp\4A2A.tmp" --splashC:\Users\Admin\AppData\Local\Temp\65a726dc453ce1eb5b0ff24494541c84.exe 9216188EDD11E8BD52DA0EA55224FDF296DBCE60856FEE95CCA22747C1D370861E8005E8A15BAD1BF43E65E2A4C3E94611F670192B0E76AFCF7A80A77C82CDFB
      2⤵
      • Deletes itself
      • Executes dropped EXE
      PID:2928

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • \Users\Admin\AppData\Local\Temp\4A2A.tmp
          Filesize

          1.9MB

          MD5

          68f8fd171b0f74707598fc93d0602346

          SHA1

          a6f5201ca4147f1835ceb8ccd26cc9a9bf8a6f9b

          SHA256

          1d6394a355679112523a6173d0e98b389a9b2d4466e3fd9fd59b1e112e917499

          SHA512

          1fc95db0738d78ff307ef5dd6b2b43d67c5e4e9e1130bdfc05c49d8ba429fd969c393113e46c4dd32c279bf9970e709d1f9fc6dafb77410359e7311388942935

          Download Submit

        • memory/1212-0-0x0000000000400000-0x00000000005E6000-memory.dmp

          Filesize

          1.9MB

          Download

        • memory/2928-6-0x0000000000400000-0x00000000005E6000-memory.dmp

          Filesize

          1.9MB

          Download