Overview

overview

5

Static

static

3

7eb3e9b641...16.exe

windows7-x64

5

7eb3e9b641...16.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    117s
  • max time network
    120s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    29/01/2024, 02:59

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    7eb3e9b64193b9c89ff7fe5e13f7aa16.exe

  • Size

    161KB

  • MD5

    7eb3e9b64193b9c89ff7fe5e13f7aa16

  • SHA1

    858572b756b0f6a9be3be1da5f459de07cf75958

  • SHA256

    75f89d9286fa7abda6883a5c7625be647b8a2d0c6823ba92282e4aec6c3cac36

  • SHA512

    7e6291567fe78cd55803e4a76a56831d0970f88ee2d747a05989fcb4d4dd31ccff333f6760af3e0e0691a9d503850e2efe0da90bdafbad8b79ca9877c9566eab

  • SSDEEP

    3072:WKykiBb+qq7NyGCjkin3CuNNb9Ls2qcROHY3k/rPcuakyxmurekUb6N5ilq3IFF8:Wr6hyGCjki1hFhzQrPc7kG3rVSqYH8

Score
5/10

Malware Config

Signatures

  • Drops file in System32 directory 1 IoCs
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

Processes

  • C:\Users\Admin\AppData\Local\Temp\7eb3e9b64193b9c89ff7fe5e13f7aa16.exe
    "C:\Users\Admin\AppData\Local\Temp\7eb3e9b64193b9c89ff7fe5e13f7aa16.exe"
    1⤵
    • Drops file in System32 directory
    PID:2380

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Windows\SysWOW64\newssoft.exe
          Filesize

          2KB

          MD5

          8bfcf44eb468bd8d016c0a378f5ce3b6

          SHA1

          11afc64a4248bf6856fc4f8481d6b62f50f86143

          SHA256

          04aa3b55acb1d205869dda64310cd684169666980c1fc4f41d7364ee58a7f973

          SHA512

          3e445d11ba096b13fca27dd4a7cd620eff4a31f90163f91002128baf96ad95bf58f4dd7143ca59789701aacc55fd9d68400e6bff350e1781696cdf0a95754ea8

          Download Submit

        • memory/2380-0-0x0000000000400000-0x0000000000462000-memory.dmp

          Filesize

          392KB

          Download

        • memory/2380-1-0x00000000001B0000-0x00000000001B1000-memory.dmp

          Filesize

          4KB

          Download

        • memory/2380-9-0x0000000000400000-0x0000000000462000-memory.dmp

          Filesize

          392KB

          Download