Overview

overview

7

Static

static

3

75802c3c4e...6b.exe

windows7-x64

7

75802c3c4e...6b.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    142s
  • max time network
    149s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
  • submitted
    25/01/2024, 20:55

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    75802c3c4e4e4aa60b7bd23ce6ba686b.exe

  • Size

    105KB

  • MD5

    75802c3c4e4e4aa60b7bd23ce6ba686b

  • SHA1

    3bb1ef77d3d6eb6c444f9851504284da417bd63e

  • SHA256

    61793f3c4f5e7bc77b99c6f2a021806fdd43927175db20f33477ff0a994066bb

  • SHA512

    5bac3d2da096ff77f15a6614d9b95e499d835f23279d4937a423a310616ae20c21fdc99df8a5f4263ec9e6d66ab78ecf3f890d232e014523962019f21db7cbca

  • SSDEEP

    1536:LYBbbQtakziiNK+SWY+j/d2esjgzqjUDHy24UKezSkGhKziTt6DtW9YH:8AakziizSuFG0Hy2LSxopW9i

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Suspicious behavior: RenamesItself 1 IoCs
  • Suspicious use of UnmapMainImage 2 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\75802c3c4e4e4aa60b7bd23ce6ba686b.exe
    "C:\Users\Admin\AppData\Local\Temp\75802c3c4e4e4aa60b7bd23ce6ba686b.exe"
    1⤵
    • Suspicious behavior: RenamesItself
    • Suspicious use of UnmapMainImage
    • Suspicious use of WriteProcessMemory
    PID:1712
    • C:\Users\Admin\AppData\Local\Temp\75802c3c4e4e4aa60b7bd23ce6ba686b.exe
      C:\Users\Admin\AppData\Local\Temp\75802c3c4e4e4aa60b7bd23ce6ba686b.exe
      2⤵
      • Deletes itself
      • Executes dropped EXE
      • Suspicious use of UnmapMainImage
      PID:388

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\75802c3c4e4e4aa60b7bd23ce6ba686b.exe
    Filesize

    105KB

    MD5

    ca519c4b8a9a3639bdf31b44e8de5649

    SHA1

    425689b10c5bc7f8921a25fc7f9f63727a324214

    SHA256

    905e76ac5b09ee82c0216065c92408f84ddfb9b4c95ca8fbd4a94bb8874f69dc

    SHA512

    0f563a52bb1cb712d986b71efa706df4d8bc08c4829f2b82a49928c03891c4ae0d7018e96aa023b66071f9f5f4dc89da6b0a75c39f46395645e07207ef633d0b

    Download Submit

  • memory/388-13-0x0000000000400000-0x000000000042F000-memory.dmp

    Filesize

    188KB

    Download

  • memory/388-14-0x00000000001B0000-0x00000000001DF000-memory.dmp

    Filesize

    188KB

    Download

  • memory/388-20-0x0000000000400000-0x000000000040E000-memory.dmp

    Filesize

    56KB

    Download

  • memory/388-22-0x00000000014E0000-0x00000000014FB000-memory.dmp

    Filesize

    108KB

    Download

  • memory/1712-0-0x0000000000400000-0x000000000042F000-memory.dmp

    Filesize

    188KB

    Download

  • memory/1712-1-0x00000000001C0000-0x00000000001EF000-memory.dmp

    Filesize

    188KB

    Download

  • memory/1712-2-0x0000000000400000-0x000000000041B000-memory.dmp

    Filesize

    108KB

    Download

  • memory/1712-11-0x0000000000400000-0x000000000041B000-memory.dmp

    Filesize

    108KB

    Download