Overview

overview

7

Static

static

3

c57cc3714f...c3.exe

windows7-x64

7

c57cc3714f...c3.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    120s
  • max time network
    120s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    08/03/2024, 00:09 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    c57cc3714f3586344caa2e28983a5d1a01b0376962ef169a04a7ed72056b79c3.exe

  • Size

    73KB

  • MD5

    b6ffe9a984be933ffb7d60813a76ec53

  • SHA1

    902c1a85ed7adc962aa59df5d0701d44302e8457

  • SHA256

    c57cc3714f3586344caa2e28983a5d1a01b0376962ef169a04a7ed72056b79c3

  • SHA512

    2a190d513115ac0f4efaa896cc3085549c5ee86f64fe65fde5ca47badbb6c777c2b926f1431f5194c074285724a44cdd535b6c84a0422226a0be70a8b5ce6e2f

  • SSDEEP

    1536:hbaJyhXkbRTJVK5QPqfhVWbdsmA+RjPFLC+e5hR0ZGUGf2g:hEyhXkNJVNPqfcxA+HFshROg

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 2 IoCs
  • Suspicious use of WriteProcessMemory 12 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\c57cc3714f3586344caa2e28983a5d1a01b0376962ef169a04a7ed72056b79c3.exe
    "C:\Users\Admin\AppData\Local\Temp\c57cc3714f3586344caa2e28983a5d1a01b0376962ef169a04a7ed72056b79c3.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2248
    • C:\Windows\SysWOW64\cmd.exe
      C:\Windows\system32\cmd.exe /c $TMP!10@.COM
      2⤵
      • Loads dropped DLL
      • Suspicious use of WriteProcessMemory
      PID:3036
      • C:\Users\Admin\AppData\Local\Temp\$TMP!10@.COM
        $TMP!10@.COM
        3⤵
        • Executes dropped EXE
        • Suspicious use of WriteProcessMemory
        PID:2076
        • C:\Windows\SysWOW64\cmd.exe
          C:\Windows\system32\cmd.exe /c 00.exe
          4⤵
            PID:2612

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • \Users\Admin\AppData\Local\Temp\$TMP!10@.COM
      Filesize

      73KB

      MD5

      ab9a69edd747d98933de6d53d6888c31

      SHA1

      011d632f44fc641beace4150351fb1284a7072e5

      SHA256

      e396d1868d1722544e87acfb7189c390a93880989f09d66bdd2a16ffbf7a39da

      SHA512

      279af02fb609fbb56ebc1716e6360a524d595cf26c4fcd91ae7e14758519ca9cfb92f4c8a52a4463023260454b27882b1d06f6bce5ef2c7288998b20a4f2be12

      Download Submit

    • memory/2076-10-0x0000000000400000-0x0000000000419000-memory.dmp

      Filesize

      100KB

      Download

    • memory/2248-11-0x0000000000400000-0x0000000000419000-memory.dmp

      Filesize

      100KB

      Download

    We care about your privacy.

    This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.