Overview

overview

7

Static

static

3

65a726dc45...84.exe

windows7-x64

7

65a726dc45...84.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    140s
  • max time network
    148s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
  • submitted
    18-01-2024 17:51

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    65a726dc453ce1eb5b0ff24494541c84.exe

  • Size

    1.9MB

  • MD5

    65a726dc453ce1eb5b0ff24494541c84

  • SHA1

    c5ac4f662479f3edfd7d2902632241697a6705c8

  • SHA256

    1ab3ff388c0ce70a0083af5ec6e524e3bd33c11690b0f983570e5e4d9feef432

  • SHA512

    52b99722c6b9eb68402001fd3396b5e8e6a4b95e5cda8d45cb9d2a1c735fab84d073a70b389b8743388ce7b67cf557620633b0e5aab19435ab2048f887570a27

  • SSDEEP

    49152:Qoa1taC070d8iINNlefTIiIkGi7AL1Zgv/OvZF:Qoa1taC0JNlefTIiIti7UZC2v

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\65a726dc453ce1eb5b0ff24494541c84.exe
    "C:\Users\Admin\AppData\Local\Temp\65a726dc453ce1eb5b0ff24494541c84.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:3880
    • C:\Users\Admin\AppData\Local\Temp\CBEB.tmp
      "C:\Users\Admin\AppData\Local\Temp\CBEB.tmp" --splashC:\Users\Admin\AppData\Local\Temp\65a726dc453ce1eb5b0ff24494541c84.exe 14E9C1031539789EA432EFCE9A1E14CA1B2B3592135E6D8999525B28C2FCACFACF2F5EB95F63251D7F04BA55569A4C82778AD6595613A80BDDD58399FF18396A
      2⤵
      • Deletes itself
      • Executes dropped EXE
      PID:4728

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\CBEB.tmp
    Filesize

    1.9MB

    MD5

    2a55376b4dcfa5c5fda1fcab9c31dff2

    SHA1

    42acfe305cae6d7a80e90c72983ede3441fb8492

    SHA256

    48b5dbb62a88f5da8f25c1e4fdf3477387079b0af6b50be86c180d62802b1ba3

    SHA512

    316c675970603f3d685663287dd478e1768efba17c650ae53ba0994f432d75102e1d90e03fd735c8c145bc903f5ad6c9b84d4c953e23fe6fc2c31e2b5828319c

    Download Submit

  • memory/3880-0-0x0000000000400000-0x00000000005E6000-memory.dmp

    Filesize

    1.9MB

    Download

  • memory/4728-5-0x0000000000400000-0x00000000005E6000-memory.dmp

    Filesize

    1.9MB

    Download