Overview

overview

7

Static

static

3

86351d8d5b...7c.exe

windows7-x64

7

86351d8d5b...7c.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    138s
  • max time network
    145s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
  • submitted
    01/02/2024, 06:43

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    86351d8d5bf023437a9f2bc01a3d0a7c.exe

  • Size

    1.9MB

  • MD5

    86351d8d5bf023437a9f2bc01a3d0a7c

  • SHA1

    6fe3aade6107ff1afe3fb33459d65bdc07267a14

  • SHA256

    8228cd9409113e8b18a2ed664ac3f2606b1e20ef16bbac1a9eed3e509aa92252

  • SHA512

    665a66fbd29c33270eb5c687abeb85df04ee0b7ef263676d94f1d96c6131d6b07aad83b84627fef1308940e8886666bcf25f97988f1cea237362cf1fbf1609de

  • SSDEEP

    49152:Qoa1taC070dLOBKorOZ16nQJuhh86XOU3Iga:Qoa1taC0xOZ16QJwwILa

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\86351d8d5bf023437a9f2bc01a3d0a7c.exe
    "C:\Users\Admin\AppData\Local\Temp\86351d8d5bf023437a9f2bc01a3d0a7c.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:3960
    • C:\Users\Admin\AppData\Local\Temp\C880.tmp
      "C:\Users\Admin\AppData\Local\Temp\C880.tmp" --splashC:\Users\Admin\AppData\Local\Temp\86351d8d5bf023437a9f2bc01a3d0a7c.exe 174C81728F0140255135FD139494DB57476C84ABF8D32154677F15D3ED6FC4B03C28C8588850619F6839B013B3D5835E678140031C558847DD2943AFA1FC67FF
      2⤵
      • Deletes itself
      • Executes dropped EXE
      PID:4660

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\C880.tmp
    Filesize

    1.9MB

    MD5

    9e9d9c2335e559f050cc84c44beb9287

    SHA1

    d54bb62b6295dad05a00414e307b46aca7cfd0f6

    SHA256

    36372012d722712f722b5a223455271470f358688855cd5cd59ad2e0c31fa263

    SHA512

    e8c6b0904784b756a831a9300316c7c29c33f2794f03ff4db43254358bfc041e51f30c1242258ff6893ea34b6279dd5b6ee05086a3d9f246d18d757f503e5c56

    Download Submit

  • memory/3960-0-0x0000000000400000-0x00000000005E6000-memory.dmp

    Filesize

    1.9MB

    Download

  • memory/4660-5-0x0000000000400000-0x00000000005E6000-memory.dmp

    Filesize

    1.9MB

    Download