Overview

overview

7

Static

static

3

a1ac558b7b...8f.exe

windows7-x64

7

a1ac558b7b...8f.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    93s
  • max time network
    123s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240221-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240221-enlocale:en-usos:windows10-2004-x64system
  • submitted
    24-02-2024 10:46

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    a1ac558b7bce0e54f9c3dd566924f08f.exe

  • Size

    1.9MB

  • MD5

    a1ac558b7bce0e54f9c3dd566924f08f

  • SHA1

    06069040c10764c62c03536c1c8863263b4824d7

  • SHA256

    a6d5618968b7e84fad19d98c28fee31fa5feefc0af431107a53fd8f5f74dc219

  • SHA512

    6321d2d003635e6ba9bedf31fde31bd1ba06d09768daf2226476e8734916a026c0c419cfd9961d12b59cb0357b9f410e31debeae0f07c09052a777bb849c9d6f

  • SSDEEP

    49152:Qoa1taC070d6cCGU2/eiJP8/P7Rah72TMIOpzS:Qoa1taC0H3li90NYKwIKzS

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\a1ac558b7bce0e54f9c3dd566924f08f.exe
    "C:\Users\Admin\AppData\Local\Temp\a1ac558b7bce0e54f9c3dd566924f08f.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:3716
    • C:\Users\Admin\AppData\Local\Temp\3C6D.tmp
      "C:\Users\Admin\AppData\Local\Temp\3C6D.tmp" --splashC:\Users\Admin\AppData\Local\Temp\a1ac558b7bce0e54f9c3dd566924f08f.exe 5959B3E5B2EF5FC64EC850BD0C34B4EA0AB1D9238CA918544CCB7BF3BA3DE9765CE082A6D6FFC773B9590914E936DAA4856F87F1AC33FC24B01C286EF3E19061
      2⤵
      • Deletes itself
      • Executes dropped EXE
      PID:3936

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\3C6D.tmp
    Filesize

    1.9MB

    MD5

    253ae881ea64bf7d9248c0bd35080515

    SHA1

    1c72735c609820ea082f8f47ceb812c4c1e48795

    SHA256

    18c6b36ecc30c579a51946c9ee7d1cf4439c088c795326f5f9dae3bd296df7e8

    SHA512

    5e57ed242a093abe2aa29c00bd1f7014c8c9729edf8d5b4873a10f484522b1cf03c1a1f99fff6387a1820ed760c500781e264295ad91fe1000c03095f1adb2ba

    Download Submit

  • memory/3716-0-0x0000000000400000-0x00000000005E6000-memory.dmp

    Filesize

    1.9MB

    Download

  • memory/3936-5-0x0000000000400000-0x00000000005E6000-memory.dmp

    Filesize

    1.9MB

    Download