Overview

overview

7

Static

static

3

77875132ae...52.exe

windows7-x64

7

77875132ae...52.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    151s
  • max time network
    158s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
  • submitted
    26/01/2024, 13:48

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    77875132aec01b9b7cfecdbf29da9052.exe

  • Size

    1.9MB

  • MD5

    77875132aec01b9b7cfecdbf29da9052

  • SHA1

    2d3c0b601676c783df0818aab017b4010fdb80fa

  • SHA256

    5349444bf043830bda106898ccf7961700351e0ad06f62a20d496e7da3bc5be0

  • SHA512

    22506b2eb5feae2ff39f4f4ce5e5eb19fbda799b9583f07005534218799cd445401953b11ed30cbf89fe812ee64563aaf0de7959ccf12d99bddd2b0f3e6da521

  • SSDEEP

    49152:Qoa1taC070dXCjRZfLKYm8/FPVDfKkttUAbZnpk:Qoa1taC0tNZfLKm/FBztFfk

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\77875132aec01b9b7cfecdbf29da9052.exe
    "C:\Users\Admin\AppData\Local\Temp\77875132aec01b9b7cfecdbf29da9052.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1000
    • C:\Users\Admin\AppData\Local\Temp\D9A7.tmp
      "C:\Users\Admin\AppData\Local\Temp\D9A7.tmp" --splashC:\Users\Admin\AppData\Local\Temp\77875132aec01b9b7cfecdbf29da9052.exe C4203753E782191C5AE0455FFB39E958FE4DAF22DC9C6B2C3DB7E6EC9505501BCE84B4DACE7A68E94A4BFAA323D19A04DCA528234737AEE345BC97E3B7923A1E
      2⤵
      • Deletes itself
      • Executes dropped EXE
      PID:2796

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\D9A7.tmp
    Filesize

    1.9MB

    MD5

    6cb3ada8ca6a7bb2454f7b1e4db77fa7

    SHA1

    3a614d78cce7c09da8b4ffde07ab2a3438b2f8a2

    SHA256

    050d5d4433f0a7589168279b8446ee87850c978238531f1a8146d557eacaf02d

    SHA512

    f343e2d6fdfc21fddd89c064a5df87959f6b8ef3eb76e9fdc71c12d86a4af3ec487a2f62419b072b491599e9719ae8e9bf5601e3fb21a6dd35173feae06a3e4e

    Download Submit

  • memory/1000-0-0x0000000000400000-0x00000000005E6000-memory.dmp

    Filesize

    1.9MB

    Download

  • memory/2796-5-0x0000000000400000-0x00000000005E6000-memory.dmp

    Filesize

    1.9MB

    Download