Overview

overview

7

Static

static

3

WEB.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    584s
  • max time network
    1171s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
  • submitted
    19/02/2024, 21:19

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    WEB.exe

  • Size

    5.7MB

  • MD5

    bb4a9de067997f0def308761300567e1

  • SHA1

    500881ece61319dda2fb20a500b6a253c07ab49a

  • SHA256

    9be0ca95a4ae73d3e4480d127bbe7d0cc6f8456953a791d615382db2f7d38670

  • SHA512

    4033a01693166c7f14214253c699cab6848eb46cb8f1e2979d71fabaff2fed059ca7a9e4cbc44f5342455ce578c2bf8649d2cec2bc40fc84c3a405aceb451511

  • SSDEEP

    98304:n+8UwZh2uW5MI079g+D3O7/Xuy/+7F+7cET5hnd60v2k5D9VH:n+3wZEL2V76+D3c/f/+ScEVRs0+yD9VH

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 2 IoCs
  • Suspicious use of WriteProcessMemory 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\WEB.exe
    "C:\Users\Admin\AppData\Local\Temp\WEB.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:3436
    • C:\Users\Admin\AppData\Local\Temp\WEB.exe
      "C:\Users\Admin\AppData\Local\Temp\WEB.exe"
      2⤵
      • Loads dropped DLL
      PID:4288

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\_MEI34362\VCRUNTIME140.dll
    Filesize

    96KB

    MD5

    f12681a472b9dd04a812e16096514974

    SHA1

    6fd102eb3e0b0e6eef08118d71f28702d1a9067c

    SHA256

    d66c3b47091ceb3f8d3cc165a43d285ae919211a0c0fcb74491ee574d8d464f8

    SHA512

    7d3accbf84de73fb0c5c0de812a9ed600d39cd7ed0f99527ca86a57ce63f48765a370e913e3a46ffc2ccd48ee07d823dafdd157710eef9e7cc1eb7505dc323a2

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\_MEI34362\base_library.zip
    Filesize

    1.0MB

    MD5

    b697d3fb4d9276c35e89afac262aa685

    SHA1

    c9577015c3cb971ab9b8402a94644e9dbb277710

    SHA256

    2c2ad2a42f9976aca0595ac9dd2ce68dfcf48f6988fa552c30285f4e9d37bd92

    SHA512

    ba62d94cdcaddcea33756228807d602b3debfb99ee4e86da5af6460c541e3492620467b086efb3290436decfaa608a602d6a753a21bad95b939e0eb8e6f40d73

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\_MEI34362\python310.dll
    Filesize

    4.3MB

    MD5

    c80b5cb43e5fe7948c3562c1fff1254e

    SHA1

    f73cb1fb9445c96ecd56b984a1822e502e71ab9d

    SHA256

    058925e4bbfcb460a3c00ec824b8390583baef0c780a7c7ff01d43d9eec45f20

    SHA512

    faa97a9d5d2a0bf78123f19f8657c24921b907268938c26f79e1df6d667f7bee564259a3a11022e8629996406cda9fa00434bb2b1de3e10b9bddc59708dbad81

    Download Submit