Overview

overview

7

Static

static

3

8b716f970f...86.exe

windows7-x64

7

8b716f970f...86.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    92s
  • max time network
    149s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231222-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231222-enlocale:en-usos:windows10-2004-x64system
  • submitted
    03-02-2024 04:50

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    8b716f970f52d1539f9648ebc7db7986.exe

  • Size

    1.9MB

  • MD5

    8b716f970f52d1539f9648ebc7db7986

  • SHA1

    0a61fc1d1605e632f666e81d87cedc1749f5d958

  • SHA256

    2a0ad76d959fbb779a54be35b5591249cc7f1335a5ea7ea520aea62ec7c19357

  • SHA512

    baa7202b1d64763dc8b1c64801b1037ff0657bba2f2d47c78524b991556ada3be16c4c8bbeed16514ba4b471a98e6f285be64770700358b4e0057a16a26d7c64

  • SSDEEP

    49152:Qoa1taC070d6SFMymoQhBPLYVL6RAbUHKzxNv/:Qoa1taC0l8vmxBFRAAq7/

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\8b716f970f52d1539f9648ebc7db7986.exe
    "C:\Users\Admin\AppData\Local\Temp\8b716f970f52d1539f9648ebc7db7986.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:5012
    • C:\Users\Admin\AppData\Local\Temp\4ECC.tmp
      "C:\Users\Admin\AppData\Local\Temp\4ECC.tmp" --splashC:\Users\Admin\AppData\Local\Temp\8b716f970f52d1539f9648ebc7db7986.exe 032E82EBA290E9DDBCE4A3FEB338DE9FAD0E24C178548B42EDD9738A796B181C9DFF0CB8630F89617BE82762DC4138CD0FDA77E85547E9053604CA654DE0557D
      2⤵
      • Deletes itself
      • Executes dropped EXE
      PID:2220

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\4ECC.tmp
    Filesize

    780KB

    MD5

    e363fe5b9e290f3915049b98cf088c71

    SHA1

    cbd7471c99f8df76e26ca70508c4ec5363d6bf8b

    SHA256

    ccddf6da59ae5f8d3fb4b32bcaf99088d3ebdae1fe86e4aff4cb6b70ebda4f8e

    SHA512

    5dc6d491a2c535d7499bab0ac138b7582e58b1cfecbe49198c54bb97239c0003f62417fc8920bc15258203f8daa2af398fd4c797e1c1ba96092121fe66b5fda0

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\4ECC.tmp
    Filesize

    866KB

    MD5

    2a19fdb8b11383b1d13efba92475d1d2

    SHA1

    f66874816438c8071d1c30c7c78ad2d15e38365f

    SHA256

    1d982c6e8ae689dca6f61862a4d449af87bb1cea35210dc7fd81943bf7218abd

    SHA512

    8f6a7d0147fcf2776fff0ef174c76cfcba48852cc4886ad3ae0837df0851a2c690dddaf81660adb3618e1bc2c50f28da60756a41a718afec987a515ff1fe0243

    Download Submit

  • memory/2220-5-0x0000000000400000-0x00000000005E6000-memory.dmp

    Filesize

    1.9MB

    Download

  • memory/5012-0-0x0000000000400000-0x00000000005E6000-memory.dmp

    Filesize

    1.9MB

    Download