Overview

overview

7

Static

static

3

780f5a8a5e...06.exe

windows7-x64

7

780f5a8a5e...06.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    117s
  • max time network
    118s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags

    arch:x64arch:x86image:win7-20231129-enlocale:en-usos:windows7-x64system
  • submitted
    26-01-2024 18:24

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    780f5a8a5e5e8ac22729cbdd7c6afb06.exe

  • Size

    1.9MB

  • MD5

    780f5a8a5e5e8ac22729cbdd7c6afb06

  • SHA1

    08bd95ef73d81b649b4f249818c4332c9c920a75

  • SHA256

    21696de1697f6e27a01762e33a3db587187bce7e871213a6ba32b9bc1096d403

  • SHA512

    34072b8c26bd5a7edb96619bce51417a1bb8e0c84b5272902c261adb5c9e21dd0fe1316ca128d4e83eac35e3d6d03d38e1a02aaa76f527d4b7fe29cb32ca9950

  • SSDEEP

    24576:N2oo60HPdt+1CRiY2eOBvcj3u10dYfWtc9jaTEdfiPXhr5J/T2IVw3ZCZO6R5Wz+:Qoa1taC070dYUcrdsxlJb2C5KL/6dZ

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\780f5a8a5e5e8ac22729cbdd7c6afb06.exe
    "C:\Users\Admin\AppData\Local\Temp\780f5a8a5e5e8ac22729cbdd7c6afb06.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of WriteProcessMemory
    PID:1392
    • C:\Users\Admin\AppData\Local\Temp\F7B.tmp
      "C:\Users\Admin\AppData\Local\Temp\F7B.tmp" --splashC:\Users\Admin\AppData\Local\Temp\780f5a8a5e5e8ac22729cbdd7c6afb06.exe F76D9E5258321AB2879E424F4A8165317A33411AA07FCE61F15347B7D20CC05ED5CBAD2B90BFE0DD576A17F409355436885B6C4C6122672D9C44518C78A9397B
      2⤵
      • Deletes itself
      • Executes dropped EXE
      PID:1848

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • \Users\Admin\AppData\Local\Temp\F7B.tmp
    Filesize

    1.9MB

    MD5

    020fa5a9d1d2f56f9b0b09d2da72e022

    SHA1

    9626de84f76df60b2d7ba3ddc61f4f2ea0dab35a

    SHA256

    6a2325b0b47c897301332df2697ab67ad42595af2d4a72f3aa773fa5d6ba021a

    SHA512

    5d19b27dcb859cd71fb955818f4f3d1f944772089fd6422dc896f41a56a4cb9324abfaa8551f79eec36c245c5ef06b61b7bfc183f5c844e4941ff597cf504b92

    Download Submit

  • memory/1392-0-0x0000000000400000-0x00000000005E6000-memory.dmp

    Filesize

    1.9MB

    Download

  • memory/1848-6-0x0000000000400000-0x00000000005E6000-memory.dmp

    Filesize

    1.9MB

    Download