Overview

overview

7

Static

static

3

7b5d7205ee...82.exe

windows7-x64

7

7b5d7205ee...82.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    145s
  • max time network
    146s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231222-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231222-enlocale:en-usos:windows10-2004-x64system
  • submitted
    27/01/2024, 21:47

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    7b5d7205eee3d3ab804e46bcfa56d482.exe

  • Size

    82KB

  • MD5

    7b5d7205eee3d3ab804e46bcfa56d482

  • SHA1

    9b97e246828f5e7675a7795cce2bb5ff7370324a

  • SHA256

    1bfe9f67b0cb5da14f888eee0a46c0d41383bc99a3cb48584facb3358bdce09a

  • SHA512

    3788e4566ea8e56fdd6beb09708b5c1f8138c4eba9845083543379f04c87aa7052c8b2357a76e09f3351500c1c91f69b86b725170ecc3bd4da2b422382efa9f0

  • SSDEEP

    1536:pM+oXDGhKP0Yv1lCJmGF90ZO0q1AyfMjuv/40Ab0KboBwx9y47d:yXDMoX40ZHvu3T4dcBwx9yad

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Suspicious behavior: RenamesItself 1 IoCs
  • Suspicious use of UnmapMainImage 2 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\7b5d7205eee3d3ab804e46bcfa56d482.exe
    "C:\Users\Admin\AppData\Local\Temp\7b5d7205eee3d3ab804e46bcfa56d482.exe"
    1⤵
    • Suspicious behavior: RenamesItself
    • Suspicious use of UnmapMainImage
    • Suspicious use of WriteProcessMemory
    PID:1688
    • C:\Users\Admin\AppData\Local\Temp\7b5d7205eee3d3ab804e46bcfa56d482.exe
      C:\Users\Admin\AppData\Local\Temp\7b5d7205eee3d3ab804e46bcfa56d482.exe
      2⤵
      • Deletes itself
      • Executes dropped EXE
      • Suspicious use of UnmapMainImage
      PID:880

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\7b5d7205eee3d3ab804e46bcfa56d482.exe
    Filesize

    82KB

    MD5

    f769b13ea50785bb6950de7a8439b689

    SHA1

    4808131289ad95248914ed3ce9bd0bda00a1f848

    SHA256

    9440f184ffdf12b39cd4e62e20e7568b26a0132e27727fe9087ebebcf5829240

    SHA512

    5d49c816849b9d3a6a2a2450b9deb64b7bf2b5ab51617c75b763ab116fb11f3a92d4e70fb9f006ab132ca5ee9517980d93cd6d8e31213310c848c42ba881af0f

    Download Submit

  • memory/880-14-0x0000000000400000-0x000000000042F000-memory.dmp

    Filesize

    188KB

    Download

  • memory/880-16-0x0000000001500000-0x000000000152F000-memory.dmp

    Filesize

    188KB

    Download

  • memory/880-20-0x0000000000400000-0x000000000040E000-memory.dmp

    Filesize

    56KB

    Download

  • memory/880-25-0x00000000015E0000-0x00000000015FB000-memory.dmp

    Filesize

    108KB

    Download

  • memory/1688-0-0x0000000000400000-0x000000000042F000-memory.dmp

    Filesize

    188KB

    Download

  • memory/1688-1-0x00000000001C0000-0x00000000001EF000-memory.dmp

    Filesize

    188KB

    Download

  • memory/1688-2-0x0000000000400000-0x000000000041B000-memory.dmp

    Filesize

    108KB

    Download

  • memory/1688-11-0x0000000000400000-0x000000000041B000-memory.dmp

    Filesize

    108KB

    Download