Overview

overview

7

Static

static

3

8dd6697fd2...59.exe

windows7-x64

7

8dd6697fd2...59.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    140s
  • max time network
    149s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
  • submitted
    04-02-2024 01:07

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    8dd6697fd272530800cb01eb25eee159.exe

  • Size

    169KB

  • MD5

    8dd6697fd272530800cb01eb25eee159

  • SHA1

    717e64e5b81dd1f5b415f6953d6c9cdad0f1dcff

  • SHA256

    806f6f350d837409138bd500f7356e749ba476c65fd6295b5b1456b1dd937ad6

  • SHA512

    650f5739a7e380a2a74677243f002ecc95a9b6f84a3aacd2ec9c90a3b9600a9a8c41f00b8c1feebaf22a52d6039677482233eecf8b774d856e96aadd09f30ebf

  • SSDEEP

    3072:h8fCbXl1LZuBfaqgIjnJepYj2H3TXpmHD6Tn9cTKfXwmMp4p+sKq:h8f6VxZuUqgIjtjI0uTnYKfAup+sKq

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Suspicious behavior: RenamesItself 1 IoCs
  • Suspicious use of UnmapMainImage 2 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\8dd6697fd272530800cb01eb25eee159.exe
    "C:\Users\Admin\AppData\Local\Temp\8dd6697fd272530800cb01eb25eee159.exe"
    1⤵
    • Suspicious behavior: RenamesItself
    • Suspicious use of UnmapMainImage
    • Suspicious use of WriteProcessMemory
    PID:4200
    • C:\Users\Admin\AppData\Local\Temp\8dd6697fd272530800cb01eb25eee159.exe
      C:\Users\Admin\AppData\Local\Temp\8dd6697fd272530800cb01eb25eee159.exe
      2⤵
      • Deletes itself
      • Executes dropped EXE
      • Suspicious use of UnmapMainImage
      PID:3976

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\8dd6697fd272530800cb01eb25eee159.exe
    Filesize

    169KB

    MD5

    adfc6a12c023df867221fe19cc2a73cf

    SHA1

    9f4a64da4b511e5dbfa56ef7145a905192b96a15

    SHA256

    b156255df7beeec6397f9ceb45f5c3729d2d65bfa929c208fa8adf62aee74e80

    SHA512

    fffffe8b857006b8f64013b5db760af223cc2f8d53f30900b18b3e23dfc9b59f35e833c703761f5f2c72bedae9f962a5cc01d86d70833af14cd065d93cdd33e5

    Download Submit

  • memory/3976-13-0x0000000000400000-0x000000000042F000-memory.dmp

    Filesize

    188KB

    Download

  • memory/3976-14-0x00000000001D0000-0x00000000001FF000-memory.dmp

    Filesize

    188KB

    Download

  • memory/3976-20-0x0000000000400000-0x000000000040E000-memory.dmp

    Filesize

    56KB

    Download

  • memory/3976-23-0x0000000004D90000-0x0000000004DAB000-memory.dmp

    Filesize

    108KB

    Download

  • memory/4200-0-0x0000000000400000-0x000000000042F000-memory.dmp

    Filesize

    188KB

    Download

  • memory/4200-1-0x00000000001D0000-0x00000000001FF000-memory.dmp

    Filesize

    188KB

    Download

  • memory/4200-2-0x0000000000400000-0x000000000041B000-memory.dmp

    Filesize

    108KB

    Download

  • memory/4200-11-0x0000000000400000-0x000000000041B000-memory.dmp

    Filesize

    108KB

    Download