Overview

overview

7

Static

static

3

7eea060d6e...7f.exe

windows7-x64

7

7eea060d6e...7f.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    118s
  • max time network
    119s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    29/01/2024, 04:41

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    7eea060d6ef339f349f3df90dd7da07f.exe

  • Size

    84KB

  • MD5

    7eea060d6ef339f349f3df90dd7da07f

  • SHA1

    ce5bfc0cc35b648bbf57f3f7d02d64ca77ad9cb6

  • SHA256

    477f1ece0eed3d28b1fdd96ff313b512ef1ab138d3539d8bd770cd9841a27e1b

  • SHA512

    0eefcc3626297699955c07af6014e9850211481a5f129c63d16f27eb130fbe720e73dcdc384e90a219dc86e484c113bc60959c40c9d8d8842aa39e4261fece99

  • SSDEEP

    1536:AQyhAptXSe01i1TuhX9AiGWo8+io1n5hwCFGZqoaUHOCK0L/L9pZs5r:yhArV01ioME5oRPFbolhLxsF

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 1 IoCs
  • Suspicious behavior: RenamesItself 1 IoCs
  • Suspicious use of UnmapMainImage 2 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\7eea060d6ef339f349f3df90dd7da07f.exe
    "C:\Users\Admin\AppData\Local\Temp\7eea060d6ef339f349f3df90dd7da07f.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious behavior: RenamesItself
    • Suspicious use of UnmapMainImage
    • Suspicious use of WriteProcessMemory
    PID:2232
    • C:\Users\Admin\AppData\Local\Temp\7eea060d6ef339f349f3df90dd7da07f.exe
      C:\Users\Admin\AppData\Local\Temp\7eea060d6ef339f349f3df90dd7da07f.exe
      2⤵
      • Deletes itself
      • Executes dropped EXE
      • Suspicious use of UnmapMainImage
      PID:2080

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • \Users\Admin\AppData\Local\Temp\7eea060d6ef339f349f3df90dd7da07f.exe
    Filesize

    84KB

    MD5

    3368ffe2e04c2b84bd83b8c544b5fe3a

    SHA1

    7f4473305d516a0da3831eee003c4c1d9950ebfa

    SHA256

    2ba02eec312e8c31f56793d556a2407b260fd7fe1e10b9d2348fa85567c4d773

    SHA512

    9ae237c31c1ebbf13675b8c10e0e3c308d2573b791f2fe402a60e02e2c972de32a8a7b09eb1827eb2c7353639308193b71414216002845180a1793faeeb07791

    Download Submit

  • memory/2080-17-0x0000000000400000-0x000000000042F000-memory.dmp

    Filesize

    188KB

    Download

  • memory/2080-24-0x0000000000400000-0x000000000040E000-memory.dmp

    Filesize

    56KB

    Download

  • memory/2080-29-0x0000000000240000-0x000000000025B000-memory.dmp

    Filesize

    108KB

    Download

  • memory/2080-18-0x00000000001E0000-0x000000000020F000-memory.dmp

    Filesize

    188KB

    Download

  • memory/2232-0-0x0000000000400000-0x000000000042F000-memory.dmp

    Filesize

    188KB

    Download

  • memory/2232-1-0x0000000000400000-0x000000000041B000-memory.dmp

    Filesize

    108KB

    Download

  • memory/2232-7-0x00000000000D0000-0x00000000000FF000-memory.dmp

    Filesize

    188KB

    Download

  • memory/2232-13-0x00000000001A0000-0x00000000001CF000-memory.dmp

    Filesize

    188KB

    Download

  • memory/2232-15-0x0000000000400000-0x000000000041B000-memory.dmp

    Filesize

    108KB

    Download