Overview

overview

7

Static

static

3

8fbd915dae...7f.exe

windows7-x64

7

8fbd915dae...7f.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    136s
  • max time network
    142s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
  • submitted
    04/02/2024, 17:28

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    8fbd915dae51160a475ea237209ea47f.exe

  • Size

    1.9MB

  • MD5

    8fbd915dae51160a475ea237209ea47f

  • SHA1

    48d7d11cf6fb20b892529c189443ff345295d374

  • SHA256

    bde11228e6d777447de6127f344c3aeaa0f15f21ac559ff66da3eb6b5e7d5cc5

  • SHA512

    315df1440c82dfe82f0e3b99245d8aec22463dfc7f66be174320b60ffebd5986774bff6557d5050fdd82b7525be671885799c52f360de9db81c774401b1ec146

  • SSDEEP

    49152:Qoa1taC070dVCzBWCb0vi3aS41Eg3u3vwAEIkC2e1:Qoa1taC0wCzB0viKVEhPge1

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\8fbd915dae51160a475ea237209ea47f.exe
    "C:\Users\Admin\AppData\Local\Temp\8fbd915dae51160a475ea237209ea47f.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2288
    • C:\Users\Admin\AppData\Local\Temp\E465.tmp
      "C:\Users\Admin\AppData\Local\Temp\E465.tmp" --splashC:\Users\Admin\AppData\Local\Temp\8fbd915dae51160a475ea237209ea47f.exe 8080F485964B2C72799AF6D576D97E86F39BF6166E6C0EEE066FBF9C7B73E1E5D819F9368BB48420BE8E5AF56DAE00B0840B8A47DC2FDAFA854A34359C713E6B
      2⤵
      • Deletes itself
      • Executes dropped EXE
      PID:4028

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\E465.tmp
    Filesize

    1.9MB

    MD5

    884094ece260c64b07b196f30ee4e10a

    SHA1

    14b726c761fa8f56e404c47ba59922242374f358

    SHA256

    ff07447246cb515e500c38bce8c25339d70267a6bcbfe6fb67826dab0725dfe8

    SHA512

    7f60f8a89f7b09c89b8fe91c7486b826c6b940abfe467bd99319bfdc4d2427b50ebb15a8c87011d8cc48fd2a4381974b404ad4e5f99a0266e9cca1990dd6a6ec

    Download Submit

  • memory/2288-0-0x0000000000400000-0x00000000005E6000-memory.dmp

    Filesize

    1.9MB

    Download

  • memory/4028-5-0x0000000000400000-0x00000000005E6000-memory.dmp

    Filesize

    1.9MB

    Download