Analysis

  • max time kernel
    118s
  • max time network
    121s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags
    arch:x64, arch:x86, image:win7-20231215-en, locale:en-us, os:windows7-x64, system
  • submitted
    25-01-2024 23:05

General

  • Target

    75beb56f3ca17d8cc17fcbd2d38197ed.exe

  • Size

    1.3MB

  • MD5

    75beb56f3ca17d8cc17fcbd2d38197ed

  • SHA1

    546222ed7fbfcb5131d17c9619c662318adc4e33

  • SHA256

    30b71b9133440712cdfb60862e1d0db5780940de27f74bb94b7bfc6d7e5f20ba

  • SHA512

    c6e5d0c4ecefefad8421090e54ddbff609aad2470c8efe629b8467eb8331df49ddf7a4853b6037d6c2a284f571b9fd8d86461902bee822582659e4c22103b805

  • SSDEEP

    24576:VSlF5XZr5HHEjctsGxe9hkWQ6hqVXirTCU8VUvlfEAafBf4akAVJOrKGNloUJsi6:VSb5X7GC6nkWQ6hwXird8u9ETdJgKGRq

Score
6/10

Malware Config

Signatures

  • Adds Run key to start application 2 TTPs 1 IoCs
  • Drops file in System32 directory 2 IoCs
  • Drops file in Windows directory 1 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\75beb56f3ca17d8cc17fcbd2d38197ed.exe
    "C:\Users\Admin\AppData\Local\Temp\75beb56f3ca17d8cc17fcbd2d38197ed.exe"
    • Adds Run key to start application
    • Drops file in System32 directory
    • Drops file in Windows directory
    • Suspicious behavior: GetForegroundWindowSpam
    PID:1088

Network

MITRE ATT&CK Enterprise v15

Downloads

  • memory/1088-0-0x0000000000400000-0x0000000000930000-memory.dmp

    Filesize

    5.2MB

  • memory/1088-1-0x00000000001C0000-0x00000000001C1000-memory.dmp

    Filesize

    4KB

  • memory/1088-3-0x0000000000400000-0x0000000000930000-memory.dmp

    Filesize

    5.2MB

  • memory/1088-4-0x00000000001C0000-0x00000000001C1000-memory.dmp

    Filesize

    4KB