Overview

overview

7

Static

static

3

70b9b6fc87...7f.exe

windows7-x64

7

70b9b6fc87...7f.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    143s
  • max time network
    149s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231222-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231222-enlocale:en-usos:windows10-2004-x64system
  • submitted
    23/01/2024, 22:30

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    70b9b6fc87be51bc39a7202031a1357f.exe

  • Size

    224KB

  • MD5

    70b9b6fc87be51bc39a7202031a1357f

  • SHA1

    e3bceaf4c2fcfd3080f5428c00adf6950f547d35

  • SHA256

    8061882d7c9ac3d50b29058413590dadb92969619e16dc95b4a614036df71c28

  • SHA512

    bd7f39af7bfb8bcd39c84515b6ad2e6ec589e4122feaa39f97dc46ffab40a377ea7f6c9c9c2567df8e5dc6ef40af58b42c9665734d1cce6033e28a3b3b68fa7e

  • SSDEEP

    3072:+fbA7uidA7AyemWvik8STpUpbQ47+CcfIyZ+cjLtHKfI:Tdw3Wi2T2tPPEZzJHt

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Suspicious behavior: EnumeratesProcesses 4 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\70b9b6fc87be51bc39a7202031a1357f.exe
    "C:\Users\Admin\AppData\Local\Temp\70b9b6fc87be51bc39a7202031a1357f.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of WriteProcessMemory
    PID:4372
    • C:\WinDDK\WinDDK.exe
      C:\WinDDK\WinDDK.exe
      2⤵
      • Executes dropped EXE
      • Suspicious behavior: EnumeratesProcesses
      PID:4108

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\WinDDK\WinDDK.exe
          Filesize

          224KB

          MD5

          6dbaa947c2f9f9d5890a34bc33776fa8

          SHA1

          36370c4ccfa8711366ed1a3fa9fbde05c4fcdef5

          SHA256

          d03b232d06ebf763a03c3c0a9fdf438148a5fa5eaa940466a7c049d5ddb4c587

          SHA512

          1c2147c4eaf04adadc75fde6f4e994eeb3e338c3339e2fd74c177c2383dadd2a8c1980b77834f205911c19c2ee52b15cc1672beaa762ce3afff0bde7d70d9e78

          Download Submit

        • C:\WinDDK\tmp-0.bin
          Filesize

          8KB

          MD5

          396566faf2c8dd9ba6837b19c36e41a0

          SHA1

          eeb42cf96d1525e8db40685d923ba83bed035aed

          SHA256

          05e17d01b2cb46722746ed61a72d37668e669896f94a27daee40df0669f55b5d

          SHA512

          b41d8dbb524f6cbff8d800a306d9683d1091d281e67c05bba049f201c7c982d1a04bba15eac48c147b221cc0e580efaa4ef2717610b0991bffd30883e8b4b7eb

          Download Submit