Overview

overview

7

Static

static

3

b76cabdf42...e1.exe

windows7-x64

7

b76cabdf42...e1.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    146s
  • max time network
    156s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240226-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
  • submitted
    06-03-2024 12:41

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    b76cabdf42a5b187520f180b60a445e1.exe

  • Size

    1.9MB

  • MD5

    b76cabdf42a5b187520f180b60a445e1

  • SHA1

    c49746fbfa419c020aa4959f517ed9fe98c9e969

  • SHA256

    57494750cce7160c5e2fa5757c0a7dd112ecba6609453647783f1e9738f3d640

  • SHA512

    ee840fe890c75752d6a422451a4c9b87748a37a874af3d9e0ea34d268172f90dc83920cc7be2851a461c6539172db3e70d8ac7bd22934851fb45a0c07d00e974

  • SSDEEP

    49152:Qoa1taC070dXUFvF/Hv+oCsg3xQCmGaLsnyw7e/:Qoa1taC02mvRtD4yAe/

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\b76cabdf42a5b187520f180b60a445e1.exe
    "C:\Users\Admin\AppData\Local\Temp\b76cabdf42a5b187520f180b60a445e1.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2116
    • C:\Users\Admin\AppData\Local\Temp\784D.tmp
      "C:\Users\Admin\AppData\Local\Temp\784D.tmp" --splashC:\Users\Admin\AppData\Local\Temp\b76cabdf42a5b187520f180b60a445e1.exe 4864785030A8899CAEF9CF600F839943CB821FD487420EFDEF65C3993A625AAED3B9E8712CAEDB3AE68BF3F6F866B61A9B9872EE43FEE4B57954A1529748B56C
      2⤵
      • Deletes itself
      • Executes dropped EXE
      PID:2704

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\784D.tmp
    Filesize

    1.9MB

    MD5

    17963b27f26438c388769d65005a0b64

    SHA1

    c02751bc04b53c4c7a092ae0cf33f68e9f61b119

    SHA256

    20eb60ed78ee8ecd413a07584b66d7f7da2128969b0870a2d4c7ab99a4c60a2d

    SHA512

    4a2844dd41a1722dcf62fb4e14ec7dc9f5874eb53623b55aa0d7597f4d6d3afa2311439e75d5975eda5ff22902c5e64857c82cdccb743be0be9bf4106f804020

    Download Submit

  • memory/2116-0-0x0000000000400000-0x00000000005E6000-memory.dmp

    Filesize

    1.9MB

    Download

  • memory/2704-5-0x0000000000400000-0x00000000005E6000-memory.dmp

    Filesize

    1.9MB

    Download