Overview

overview

7

Static

static

3

5e615667e9...2b.exe

windows7-x64

7

5e615667e9...2b.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    91s
  • max time network
    128s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240226-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
  • submitted
    06/03/2024, 20:18

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    5e615667e9975454729c339b8650fa39ce2fe480f1bf6eb2c93f902c5f3df12b.exe

  • Size

    316KB

  • MD5

    3a1df6e310a91f8c028288437448397c

  • SHA1

    cf655370f090963d79af235cb41b45bdb7699e18

  • SHA256

    5e615667e9975454729c339b8650fa39ce2fe480f1bf6eb2c93f902c5f3df12b

  • SHA512

    a81a1eec8f5b1e074cfce289dc11b3d8c87601a250e190e9c67cf562ef25a2b101531371c6a331b5ccc47176479d983921f0a31f873ead9e8c7a1a1d04281b28

  • SSDEEP

    6144:dnMfIq+XLROUxHXGmUReIyZyCcgHuVzOaO+tZG5:dMgZXNOUBXXRTOAz+G5

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\5e615667e9975454729c339b8650fa39ce2fe480f1bf6eb2c93f902c5f3df12b.exe
    "C:\Users\Admin\AppData\Local\Temp\5e615667e9975454729c339b8650fa39ce2fe480f1bf6eb2c93f902c5f3df12b.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2264
    • C:\Users\Admin\AppData\Local\Temp\5e615667e9975454729c339b8650fa39ce2fe480f1bf6eb2c93f902c5f3df12b.exe.back
      "C:\Users\Admin\AppData\Local\Temp\5e615667e9975454729c339b8650fa39ce2fe480f1bf6eb2c93f902c5f3df12b.exe.back"
      2⤵
      • Executes dropped EXE
      PID:2192

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\86GPDKUQ\publicfun[1].htm
          Filesize

          6KB

          MD5

          ae3b422dcf373d6049fd7561488c671a

          SHA1

          9aee24bbb270e78208e9c357c17b6ad4229bfae0

          SHA256

          12cce97f44c1ffbcf6925e667a4cdf1d69c50425e608bb7d2e1f72b0d84f4401

          SHA512

          29538be85d0767a8f965f0bc4bfe91169b9b63832093f94fccde8506aed19624c5960c299bcd0c4023dde2a354e245af4a1f9e368f4146b382c532b9831e4cb2

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\5e615667e9975454729c339b8650fa39ce2fe480f1bf6eb2c93f902c5f3df12b.exe.back
          Filesize

          316KB

          MD5

          6c239dc7da0aea62424cba03415283e9

          SHA1

          c58e3a55b1834d1ae20f0cf1b51397843a447787

          SHA256

          ea953e3605f5f6f4e1b0940404d72984d775683bf7bf6fc074eab689bfb77068

          SHA512

          2c453d70ba8d309198d3d48a93b4940ce8623bd6ffcdf36becabcfc45b1aa2b5d24e80408cc61fbb4413919edf968779f7123df2e453371930669e1a2933a4a9

          Download Submit