Overview

overview

7

Static

static

3

a2a9b7867e...6f.exe

windows7-x64

7

a2a9b7867e...6f.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    119s
  • max time network
    124s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    07/03/2024, 22:56

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    a2a9b7867e4ae91b03759f1c3153c0d87415a90358be8ee98ea15edf890c0a6f.exe

  • Size

    433KB

  • MD5

    67ebb6e5cac11fd85031ed93e6958524

  • SHA1

    2fd6cb5f8e67e87e29b11bf609d3eef4a13768f3

  • SHA256

    a2a9b7867e4ae91b03759f1c3153c0d87415a90358be8ee98ea15edf890c0a6f

  • SHA512

    d6c511de9f9804beb9a79d056c01ac9e31edca10b85998d9ff0ca3aa6f2b006961e1e3b87d444d41ccb9f4e52701a31899643b9c021f0af5c9550389a2d23847

  • SSDEEP

    6144:Cajdz4sTdDyyqiOXpOd0p6Jiv+vtv1S9CS1SE2deWcQv9cvNLFPydIUcPQmn:Ci4g+yU+0pAiv+CILEhQFgnaxmn

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\a2a9b7867e4ae91b03759f1c3153c0d87415a90358be8ee98ea15edf890c0a6f.exe
    "C:\Users\Admin\AppData\Local\Temp\a2a9b7867e4ae91b03759f1c3153c0d87415a90358be8ee98ea15edf890c0a6f.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of WriteProcessMemory
    PID:2332
    • C:\Users\Admin\AppData\Local\Temp\4F87.tmp
      "C:\Users\Admin\AppData\Local\Temp\4F87.tmp" --helpC:\Users\Admin\AppData\Local\Temp\a2a9b7867e4ae91b03759f1c3153c0d87415a90358be8ee98ea15edf890c0a6f.exe DF5D14D14E93B5980140626799B57D66FBDB289F6D7B8D5F641728B0987D27744C077EF9362FC1B37E6A777AA2453237311E3F3FAAF41AC5A210CDD0B3D1E012
      2⤵
      • Deletes itself
      • Executes dropped EXE
      PID:2196

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\Local\Temp\4F87.tmp
          Filesize

          433KB

          MD5

          b45927a118fbf56a25e313e0f71de0d5

          SHA1

          e5799d8c2ed77a82f51d854a2a5c231d3f3c6701

          SHA256

          423160a44b9c21aaa8e4ed1c9a46f111104feb2c05badc0db6956bf0d6c6a8ff

          SHA512

          5cfaf506e900b781197cbe17d978a8fafc2734d569bfcd382ab27f8bbd19170611112ca62e24b55bec0b2c308efd8cd3f02459cdf6bf352d977413df0ebe4b87

          Download Submit