Overview

overview

7

Static

static

3

7ad6b3c7e5...0c.exe

windows7-x64

7

7ad6b3c7e5...0c.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    118s
  • max time network
    118s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags

    arch:x64arch:x86image:win7-20231129-enlocale:en-usos:windows7-x64system
  • submitted
    27-01-2024 17:26

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    7ad6b3c7e50903a32c6ba563e8affc0c.exe

  • Size

    476KB

  • MD5

    7ad6b3c7e50903a32c6ba563e8affc0c

  • SHA1

    09c30eb79e5b2ba5e79c7c06bafb74afed118faa

  • SHA256

    da2dbc63af8632ebf7c63ae57d5c61267bb6cd6a59aa0f7d3ab6ba27d8021fa2

  • SHA512

    7a56025b74537f123be1691dcbdb727801887bc1bf37047c83adf0284622131d7a9ff346aef0a031088f4ab176445ec42f19a14f21eeae5fb89ba07c0a38e7e3

  • SSDEEP

    12288:MLry/neyx7f/A64j7P+tixhT8nWfUNMSKg:qKeyxTAJj7P+yWwbY

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 1 IoCs
  • Drops file in Program Files directory 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\7ad6b3c7e50903a32c6ba563e8affc0c.exe
    "C:\Users\Admin\AppData\Local\Temp\7ad6b3c7e50903a32c6ba563e8affc0c.exe"
    1⤵
    • Loads dropped DLL
    • Drops file in Program Files directory
    • Suspicious use of WriteProcessMemory
    PID:624
    • C:\Program Files (x86)\msdnukbf\rowwoxbqqaucj.exe
      "C:\Program Files (x86)\msdnukbf\rowwoxbqqaucj.exe"
      2⤵
      • Executes dropped EXE
      PID:2996

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • \Program Files (x86)\msdnukbf\rowwoxbqqaucj.exe
    Filesize

    500KB

    MD5

    b3a99be167576d22fec694f897702b94

    SHA1

    dc3919d18617c7428395dffce6bda9d1fc522d72

    SHA256

    0d9d7c688d8e0e46c3c1c95fbd73c0296326ce304eba04a68771f7c4b7bcb847

    SHA512

    11b81bf56ce72c691e24c881272e613ed5177c10dbbf3ac000f4f1d9329f3b2c4a43253bb245a9f0052ec506ba6c86d8358074342a724e9e9a80200dfc1de457

    Download Submit

  • memory/624-0-0x0000000000400000-0x0000000000494000-memory.dmp

    Filesize

    592KB

    Download

  • memory/624-1-0x0000000000400000-0x0000000000494000-memory.dmp

    Filesize

    592KB

    Download

  • memory/624-7-0x0000000000400000-0x0000000000494000-memory.dmp

    Filesize

    592KB

    Download

  • memory/624-5-0x0000000000330000-0x00000000003C4000-memory.dmp

    Filesize

    592KB

    Download

  • memory/2996-11-0x0000000000400000-0x0000000000494000-memory.dmp

    Filesize

    592KB

    Download

  • memory/2996-10-0x0000000000400000-0x0000000000494000-memory.dmp

    Filesize

    592KB

    Download