Overview

overview

7

Static

static

3

7ae75e28fb...24.exe

windows7-x64

7

7ae75e28fb...24.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    122s
  • max time network
    125s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    27/01/2024, 18:01

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    7ae75e28fb1dfa87563bfc6df45ad224.exe

  • Size

    1.9MB

  • MD5

    7ae75e28fb1dfa87563bfc6df45ad224

  • SHA1

    3303bd571bd26db59da2fb6635a216e3a132e78d

  • SHA256

    4c7dbf25e3e45d5cdabc302fe7bc37cf28371279851d8e96b534b7138a31a8c9

  • SHA512

    f6ae90f034f7a7bf41c43c8eec3a66f9664abbe1e0bb0262b3faa529f5de32de42c6dc0c5bed4f638a61e66e5588e2504ce96b9b32e9902dadde13fa90c27c15

  • SSDEEP

    24576:N2oo60HPdt+1CRiY2eOBvcj3u10dGr6u4oZWIOwseQSDUb4xJYiQ5oyHbaZKOpX0:Qoa1taC070dGL4hnlSDUyu1HYKIs

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\7ae75e28fb1dfa87563bfc6df45ad224.exe
    "C:\Users\Admin\AppData\Local\Temp\7ae75e28fb1dfa87563bfc6df45ad224.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of WriteProcessMemory
    PID:3000
    • C:\Users\Admin\AppData\Local\Temp\4808.tmp
      "C:\Users\Admin\AppData\Local\Temp\4808.tmp" --splashC:\Users\Admin\AppData\Local\Temp\7ae75e28fb1dfa87563bfc6df45ad224.exe 914EA7ACEBC6C7704565ED6AAF4522EDE6582CEE3F59E508503672B062747858A6EF1ACA9BBFF6CE9EEC22954A6E8A4B9E65E3B5D7EEBE9B8DE8D7F87655B445
      2⤵
      • Deletes itself
      • Executes dropped EXE
      PID:3056

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • \Users\Admin\AppData\Local\Temp\4808.tmp
    Filesize

    1.9MB

    MD5

    b96dcdd0ba43036405ea95e28a82483c

    SHA1

    ca41e5d6fee0c5fb7ed181d04ee042cde1ff4646

    SHA256

    0abdeb82fd2b71ced57b01faa4d5c63756c1a32c307fd2617ed656285002a7c0

    SHA512

    7a241de5ace11adb5888d3f3b567b7a4d706a70fcbb3e40f08447b4fc9126f6248ab60bb4cac6d245a84bb3b8425d91e209e8b4b41d6e06595557cff9daffce3

    Download Submit

  • memory/3000-0-0x0000000000400000-0x00000000005E6000-memory.dmp

    Filesize

    1.9MB

    Download

  • memory/3056-6-0x0000000000400000-0x00000000005E6000-memory.dmp

    Filesize

    1.9MB

    Download