Overview

overview

7

Static

static

3

7a663c37b8...d0.exe

windows7-x64

7

7a663c37b8...d0.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    118s
  • max time network
    123s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    27/01/2024, 13:40

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    7a663c37b860310d6833e6760ea0b4d0.exe

  • Size

    1.9MB

  • MD5

    7a663c37b860310d6833e6760ea0b4d0

  • SHA1

    ec19b0adff58e5f0ef80d77f743b7b8e72831768

  • SHA256

    0454402a1b6c211fcf92af42cc5d1d7c9ff46619de513440ff4b1d7c15c6ce54

  • SHA512

    d817c665412c45352b9d4f088d6f8812c09e29449a45330a3302391fdcee9d8ae1492dbd620a04cd2414c4b542097f323ae6da1d424ef579db62d781724dfeb7

  • SSDEEP

    49152:Qoa1taC070dc4sC09gdtLQEuwLnYnUshi0hNIMEMN:Qoa1taC028gdtLQDN9NH

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\7a663c37b860310d6833e6760ea0b4d0.exe
    "C:\Users\Admin\AppData\Local\Temp\7a663c37b860310d6833e6760ea0b4d0.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of WriteProcessMemory
    PID:2016
    • C:\Users\Admin\AppData\Local\Temp\5522.tmp
      "C:\Users\Admin\AppData\Local\Temp\5522.tmp" --splashC:\Users\Admin\AppData\Local\Temp\7a663c37b860310d6833e6760ea0b4d0.exe 176CD26D22D51A6CE8611B9ED9A793B5BBFCDF5149C729F9F0DF718339AD5960BA33255DB5BC5ED19E5958B589E5AE240914C45F4F539BBD7A181580D6FE9F47
      2⤵
      • Deletes itself
      • Executes dropped EXE
      PID:1740

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\5522.tmp
    Filesize

    1.9MB

    MD5

    43372601f1df026336bebe79e1d437d7

    SHA1

    e55de3147b88dff82d71cfaa39a451eb5f74eb0c

    SHA256

    270b770c1e25ac7ff5ae0fbd46b68f6d15607c71168a45db3c915245a0e56b39

    SHA512

    de77708599a2657849953694c6c027dc9deb7ba697cc1c56f91e7fe7dfbf64a80d4c9c88b5a85d97337b5f9784b73c550efd869bc706a68d02e55fbc218473eb

    Download Submit

  • memory/1740-6-0x0000000000400000-0x00000000005E6000-memory.dmp

    Filesize

    1.9MB

    Download

  • memory/2016-0-0x0000000000400000-0x00000000005E6000-memory.dmp

    Filesize

    1.9MB

    Download