Overview

overview

7

Static

static

3

67f52c012a...e1.exe

windows7-x64

7

67f52c012a...e1.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    120s
  • max time network
    124s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    19/01/2024, 15:21

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    67f52c012a171f8433985b1eee69a9e1.exe

  • Size

    4.2MB

  • MD5

    67f52c012a171f8433985b1eee69a9e1

  • SHA1

    4908118f46fd09d4822440a51110d8fe6553aebc

  • SHA256

    532e49d8add133e9181b2306b9f987cd3825662718886ac57727f26d377d9491

  • SHA512

    7503a877ac28d5b305298e306eefe3d90fc190644e0cf279d04eccecd4551d64991a6f665551332cfc1b83d11d756b3f24b7211faea7ad2f3e3edf26088eea9a

  • SSDEEP

    98304:emhd1UryeztskAuLGWpQJGB1WcVLUjH5oxFbxCVLUjH5oxFbx:elsulpQEVUjZEdCVUjZEd

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\5CA1.tmp
    "C:\Users\Admin\AppData\Local\Temp\5CA1.tmp" --splashC:\Users\Admin\AppData\Local\Temp\67f52c012a171f8433985b1eee69a9e1.exe 31E85A62EAA7697BE0AAEF1ABE50F5CD8C1937E52EC04588EEC75200D29D83ECC1C654609123ACA3E20D4EB8367CD13B29DE3978C9C201C4DA0702E5A15E2B76
    1⤵
    • Executes dropped EXE
    PID:2448
  • C:\Users\Admin\AppData\Local\Temp\67f52c012a171f8433985b1eee69a9e1.exe
    "C:\Users\Admin\AppData\Local\Temp\67f52c012a171f8433985b1eee69a9e1.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of WriteProcessMemory
    PID:2100

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\Local\Temp\5CA1.tmp
          Filesize

          4.2MB

          MD5

          d539cfb7f29edb915ccf80fe546b47d5

          SHA1

          74dd369429525bd1469050d1c3277150683011c6

          SHA256

          d9bf7dce020160daea3ad8c153330e93325f8f2e29549175535828e7661618fb

          SHA512

          7f78db2beb8b4c2b51ddb8b2c27ec21f9a3ea27e16574df6ca578760998d337050cdd38f2fcca6d3c4a6ca831d417189ea6b2afef5458c8877bb5104ec2ad8f7

          Download Submit

        • memory/2100-0-0x0000000000400000-0x0000000000849000-memory.dmp

          Filesize

          4.3MB

          Download

        • memory/2448-6-0x0000000000400000-0x0000000000849000-memory.dmp

          Filesize

          4.3MB

          Download