Overview

overview

7

Static

static

3

7ad6b3c7e5...0c.exe

windows7-x64

7

7ad6b3c7e5...0c.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    142s
  • max time network
    152s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
  • submitted
    27/01/2024, 17:26

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    7ad6b3c7e50903a32c6ba563e8affc0c.exe

  • Size

    476KB

  • MD5

    7ad6b3c7e50903a32c6ba563e8affc0c

  • SHA1

    09c30eb79e5b2ba5e79c7c06bafb74afed118faa

  • SHA256

    da2dbc63af8632ebf7c63ae57d5c61267bb6cd6a59aa0f7d3ab6ba27d8021fa2

  • SHA512

    7a56025b74537f123be1691dcbdb727801887bc1bf37047c83adf0284622131d7a9ff346aef0a031088f4ab176445ec42f19a14f21eeae5fb89ba07c0a38e7e3

  • SSDEEP

    12288:MLry/neyx7f/A64j7P+tixhT8nWfUNMSKg:qKeyxTAJj7P+yWwbY

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Drops file in Program Files directory 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\7ad6b3c7e50903a32c6ba563e8affc0c.exe
    "C:\Users\Admin\AppData\Local\Temp\7ad6b3c7e50903a32c6ba563e8affc0c.exe"
    1⤵
    • Drops file in Program Files directory
    • Suspicious use of WriteProcessMemory
    PID:4668
    • C:\Program Files (x86)\mwrej\hkeozvuo.exe
      "C:\Program Files (x86)\mwrej\hkeozvuo.exe"
      2⤵
      • Executes dropped EXE
      PID:928

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Program Files (x86)\mwrej\hkeozvuo.exe
          Filesize

          320KB

          MD5

          fe70759f3b3323abb02970a31513d311

          SHA1

          c321ff18cf50035f685b6e7366e587d73404a832

          SHA256

          544f42042e0ae726d725a6529beb70ae18848ace5e98ec0f96ac1a341a05d8b7

          SHA512

          722113d63674e6c6874685b030c4a507bb863e2875f856e778b955cd695544228ab6443ec90327c543bd8262c664d0db3caf48e0c46fd05eeaba222de7e6a124

          Download Submit

        • C:\Program Files (x86)\mwrej\hkeozvuo.exe
          Filesize

          2KB

          MD5

          e7b3b2d41ddb65136a1bbd96bc9668e1

          SHA1

          c5fd35bae81940c6c36e4469aaaf52143dd3849e

          SHA256

          51e8949a10b6e35e3ca757516bbade129987e593bde8a86cefb8918ca67b3201

          SHA512

          924e0fa9d1b281d7e71a0cadbff7432e06c53bc76085e3e94e7c777afcd3bb480168b42fe11ce74fbc3585e542bf72c35d1b567d0e91781ad98c80ed47b71a99

          Download Submit

        • memory/928-7-0x0000000000400000-0x0000000000494000-memory.dmp

          Filesize

          592KB

          Download

        • memory/928-8-0x0000000000400000-0x0000000000494000-memory.dmp

          Filesize

          592KB

          Download

        • memory/4668-0-0x0000000000400000-0x0000000000494000-memory.dmp

          Filesize

          592KB

          Download

        • memory/4668-1-0x0000000000400000-0x0000000000494000-memory.dmp

          Filesize

          592KB

          Download

        • memory/4668-6-0x0000000000400000-0x0000000000494000-memory.dmp

          Filesize

          592KB

          Download