Overview

overview

7

Static

static

3

7e1dec9963...11.exe

windows7-x64

7

7e1dec9963...11.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    93s
  • max time network
    148s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231222-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231222-enlocale:en-usos:windows10-2004-x64system
  • submitted
    28/01/2024, 22:02

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    7e1dec9963f3ef50032fbe0d2b140611.exe

  • Size

    1.9MB

  • MD5

    7e1dec9963f3ef50032fbe0d2b140611

  • SHA1

    ece1e0134b70078f7f74300dbd4085a8ec3e5442

  • SHA256

    40700a2b542f96a5f563a74aa01f95854e77e28a2db51233fbe3e3c328098277

  • SHA512

    8fa9d53c00ec070aa15269eb5ebcb5df5509c0898723790c226bfa817c5234bb4ac25dc571bdb854806c54935795cc2d13b100c7621667e67a0621a39544cf00

  • SSDEEP

    49152:Qoa1taC070dodcILZfwP+Ln2Lpdn905u2iLtXd9/3gxR:Qoa1taC0082Lzn90Q2qN9/3iR

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\7e1dec9963f3ef50032fbe0d2b140611.exe
    "C:\Users\Admin\AppData\Local\Temp\7e1dec9963f3ef50032fbe0d2b140611.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2008
    • C:\Users\Admin\AppData\Local\Temp\55F0.tmp
      "C:\Users\Admin\AppData\Local\Temp\55F0.tmp" --splashC:\Users\Admin\AppData\Local\Temp\7e1dec9963f3ef50032fbe0d2b140611.exe 98BE6CD2D5D1B4B1561C2F1A93F7705280ACEE994F4DE9F3C9ADD598587E387F2D4F1036CB5E44EF81C487FDFE44B3FFB1724D601F7B808B981256458B8AA4A2
      2⤵
      • Deletes itself
      • Executes dropped EXE
      PID:4032

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\55F0.tmp
    Filesize

    1.9MB

    MD5

    e0278e7f586725fddaeb281534a0923c

    SHA1

    3c8d83c78982279bf32802418b4915aeca6473fa

    SHA256

    8047ceaeb116eb24216cc30e1d2ec0d6585688c9116c1f5005e2899a060a1cd3

    SHA512

    2dc7a449be3b4b3d2502135cce3fda927aa76a688c491036d92cf007beee0438a74fc13f657eaa7a9f44efbc4fc6d2b88d0ae13745a09be88491ff739b489537

    Download Submit

  • memory/2008-0-0x0000000000400000-0x00000000005E6000-memory.dmp

    Filesize

    1.9MB

    Download

  • memory/4032-5-0x0000000000400000-0x00000000005E6000-memory.dmp

    Filesize

    1.9MB

    Download