Overview

overview

7

Static

static

3

75252ed3ed...8f.exe

windows7-x64

7

75252ed3ed...8f.exe

windows10-2004-x64

7

Resubmissions

25-01-2024 18:00

240125-wls3escce7 7

25-01-2024 17:54

240125-wg9vdacbe2 10

Analysis

  • max time kernel
    137s
  • max time network
    149s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
  • submitted
    25-01-2024 18:00

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    75252ed3edcacd50236c6d9e961f898f.exe

  • Size

    1.9MB

  • MD5

    75252ed3edcacd50236c6d9e961f898f

  • SHA1

    efef972a8f54fa5d42ca2d622fb94f4d8747af34

  • SHA256

    54fff92b7ec716bea89b872bb2eca31d8367cd50786bcada4b4464f9dfcb4e0b

  • SHA512

    f03eae8e273f4775482e1949e51f5a231e3b63a9e09a6945a0467210990f89d517375808b4dcbfa4ceac450294de054a780aef04f7de5d88743caa2895fa770b

  • SSDEEP

    24576:N2oo60HPdt+1CRiY2eOBvcj3u10dwZK/QO1TUUZx9BulEO9RK0u+39IQoOLyUFF/:Qoa1taC070d/QAUYMlp9RKc3WQoOLvF/

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\75252ed3edcacd50236c6d9e961f898f.exe
    "C:\Users\Admin\AppData\Local\Temp\75252ed3edcacd50236c6d9e961f898f.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:3120
    • C:\Users\Admin\AppData\Local\Temp\CC49.tmp
      "C:\Users\Admin\AppData\Local\Temp\CC49.tmp" --splashC:\Users\Admin\AppData\Local\Temp\75252ed3edcacd50236c6d9e961f898f.exe 8669DD2C7B47B1C6CEE44CC072FCE7BB5D1BE25E93A23C7F76DAF403DBAFB42B0BA933F25453A5D48096CA35FD3FBC0297C911D68354E205991AF5EF1E335EDC
      2⤵
      • Deletes itself
      • Executes dropped EXE
      PID:4216

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\CC49.tmp
    Filesize

    1.9MB

    MD5

    4d53850fd37b0790a3c79d2f3d28d7be

    SHA1

    fd39a9f1faa0e5674840f920c8dad9c00c66f5ea

    SHA256

    9cfc1bacbbdf429f3aec514e792809e4ca607ca62bba6e5207b37472a683954e

    SHA512

    05eba921a7f559359dffdd7eb5683d2304496c6a40a0103e9c3f00d1bf79e5a77101ad9b9538a70562ffa4c026298299991d62a20f76fa7369ec6a9b4e250f6f

    Download Submit

  • memory/3120-0-0x0000000000400000-0x00000000005E6000-memory.dmp

    Filesize

    1.9MB

    Download

  • memory/4216-5-0x0000000000400000-0x00000000005E6000-memory.dmp

    Filesize

    1.9MB

    Download