Analysis
-
max time kernel
118s -
max time network
123s -
platform
windows7_x64 -
resource
win7-20231215-en -
resource tags
-
submitted
13/02/2024, 04:23
General
-
Target
c66cc315d022bcab0243b224ac754bf1.exe
-
Size
433KB
-
MD5
c66cc315d022bcab0243b224ac754bf1
-
SHA1
beaeefe92df6828410ed861ff6d4d67b2fb5d26d
-
SHA256
6a307b88041641bc9ef04eb9a2db6dfb532c94de17c15744cdb57f08a69fd940
-
SHA512
f830cb524741e3315512b4f782b5464eb8d1fbf67c1d3481015c91827c9fa98dd1614a456890d15aa96d61c37105cafa469ce9d81f8f774a5c7a8726893181e2
-
SSDEEP
6144:Cajdz4sTdDyyqiOXpOd0p6Jiv+vtviK1d+D34U/Jk2SFtEfpiQ0i7y4QRR4DLJoL:Ci4g+yU+0pAiv+T1d6ho67zpzkMYHn
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\c66cc315d022bcab0243b224ac754bf1.exe"C:\Users\Admin\AppData\Local\Temp\c66cc315d022bcab0243b224ac754bf1.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\7916.tmp"C:\Users\Admin\AppData\Local\Temp\7916.tmp" --helpC:\Users\Admin\AppData\Local\Temp\c66cc315d022bcab0243b224ac754bf1.exe 6045674FA5B1FA867D877B6B81B0E5D0B70091317A9704E2C72E0CD3219BC8300D182D88D2DD160E1C12EEF9D8C2F75B18B71DC71633FE6BD4CD3E82616EA6A02⤵
- Deletes itself
- Executes dropped EXE
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
433KB
MD57afaee53ea100574c87f578fa17b030b
SHA193237780aa5893ccf7fb4de309df18d570154d4d
SHA2564f448038d595ad3613c1ffe70285e3a275c8a5195b9a854ec8afb3009cc7b50e
SHA512fe04d714b917c43fac5c1a4bb56576bf2c09b35e407bbda939f2398bafb9a6d2a96288c0cf6ceeedfa1e777932bfbd6c6889aff4460edfd71b5b5a5e6d80345d