Overview

overview

7

Static

static

3

77875132ae...52.exe

windows7-x64

7

77875132ae...52.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    121s
  • max time network
    124s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    26-01-2024 13:48

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    77875132aec01b9b7cfecdbf29da9052.exe

  • Size

    1.9MB

  • MD5

    77875132aec01b9b7cfecdbf29da9052

  • SHA1

    2d3c0b601676c783df0818aab017b4010fdb80fa

  • SHA256

    5349444bf043830bda106898ccf7961700351e0ad06f62a20d496e7da3bc5be0

  • SHA512

    22506b2eb5feae2ff39f4f4ce5e5eb19fbda799b9583f07005534218799cd445401953b11ed30cbf89fe812ee64563aaf0de7959ccf12d99bddd2b0f3e6da521

  • SSDEEP

    49152:Qoa1taC070dXCjRZfLKYm8/FPVDfKkttUAbZnpk:Qoa1taC0tNZfLKm/FBztFfk

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\77875132aec01b9b7cfecdbf29da9052.exe
    "C:\Users\Admin\AppData\Local\Temp\77875132aec01b9b7cfecdbf29da9052.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of WriteProcessMemory
    PID:2128
    • C:\Users\Admin\AppData\Local\Temp\44EC.tmp
      "C:\Users\Admin\AppData\Local\Temp\44EC.tmp" --splashC:\Users\Admin\AppData\Local\Temp\77875132aec01b9b7cfecdbf29da9052.exe 6445DFFB0650757CC0567BA6B8F075A2255AD5D8127A290025AC751CE138F5BEB9D016DFDFE282126F4C15C97E47E269056597D6EB60661B946EF2F263E6CD94
      2⤵
      • Deletes itself
      • Executes dropped EXE
      PID:2296

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\44EC.tmp
    Filesize

    1.9MB

    MD5

    0cdc3a29606039ad47c522c25f08e2b3

    SHA1

    245f0bdca7e3f3730d4662df0630eeb8975b52b0

    SHA256

    aa4e22dd30fc6002f00a45292f9d6ae0b4f440d3cb7a16bf008b7f4fb8f353a2

    SHA512

    a38eff84eefc834ab72a577314a241ca460aa9ecf687a973b61017d8d2cf85edd04b367551af12b83b5d60d675067d0aacb1caefd6e49b188a37bfe2c0eecd50

    Download Submit

  • memory/2128-0-0x0000000000400000-0x00000000005E6000-memory.dmp

    Filesize

    1.9MB

    Download

  • memory/2296-6-0x0000000000400000-0x00000000005E6000-memory.dmp

    Filesize

    1.9MB

    Download