Overview

overview

7

Static

static

3

8de078bfea...e5.exe

windows7-x64

7

8de078bfea...e5.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    119s
  • max time network
    123s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    04/02/2024, 01:30

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    8de078bfea2d74a72d767bc0a83b56e5.exe

  • Size

    1.9MB

  • MD5

    8de078bfea2d74a72d767bc0a83b56e5

  • SHA1

    56b670c368760489bd4c32ccdc0b49bca0625ed3

  • SHA256

    527220a6dcd4f634c9f5e59c8e3f1742c7dfef13e0b53b8b28bc03e0452c8927

  • SHA512

    796f71297d2d46b5cec0b5ab05f4ffde161985fb9d60179d1923bdf56c8453bf574dea7b115d619110d91199d729e8b1b86637173ea910bafe7f38feb1ae5138

  • SSDEEP

    49152:Qoa1taC070d4Fdzydzv7JU4U9y+P6MePQW053SU:Qoa1taC09OJU4Uc+P4u3SU

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\8de078bfea2d74a72d767bc0a83b56e5.exe
    "C:\Users\Admin\AppData\Local\Temp\8de078bfea2d74a72d767bc0a83b56e5.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of WriteProcessMemory
    PID:2336
    • C:\Users\Admin\AppData\Local\Temp\66BF.tmp
      "C:\Users\Admin\AppData\Local\Temp\66BF.tmp" --splashC:\Users\Admin\AppData\Local\Temp\8de078bfea2d74a72d767bc0a83b56e5.exe 82DCD72FBDC6CBBDE26B3E9524F7CD3EC5E44EA46A1862AFDAD905B0EB42D0EFCF0B66807D318D5E02366025DED7F954C8A3B3662B8479D37A77765D2779B87F
      2⤵
      • Deletes itself
      • Executes dropped EXE
      PID:2740

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • \Users\Admin\AppData\Local\Temp\66BF.tmp
          Filesize

          1.9MB

          MD5

          9c9f2289eef6e71ac050011a9bc5ce63

          SHA1

          d006657e51e25614667109a914506f7008f7de80

          SHA256

          3731f8e459e11c9c0f50fe1fec5346f314367b92e7e06c3584155a53f60bad60

          SHA512

          58961b6719185ac4e6c6d36e340e2ce66c1a8994228149f6322a1c8b75c1080e947cb06e721784041b4493f07a207b193e99e2c815d6742a52988257a223b60e

          Download Submit

        • memory/2336-0-0x0000000000400000-0x00000000005E6000-memory.dmp

          Filesize

          1.9MB

          Download

        • memory/2740-6-0x0000000000400000-0x00000000005E6000-memory.dmp

          Filesize

          1.9MB

          Download