Overview

overview

7

Static

static

3

53802e04dc...c1.exe

windows7-x64

7

53802e04dc...c1.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    121s
  • max time network
    121s
  • platform
    windows7_x64
  • resource
    win7-20240215-en
  • resource tags

    arch:x64arch:x86image:win7-20240215-enlocale:en-usos:windows7-x64system
  • submitted
    08/03/2024, 19:23

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    53802e04dc63d578e63746e7fdb69758825914764b3b737dfb9f4537ba45a3c1.exe

  • Size

    416KB

  • MD5

    f2c09d0051a485e01744c0476a94f630

  • SHA1

    d960bc4a5ffbefa75e993f81f99b3a6269a2a7e3

  • SHA256

    53802e04dc63d578e63746e7fdb69758825914764b3b737dfb9f4537ba45a3c1

  • SHA512

    e1d146f48d40fe9ecb4d44d616065c5c010d62ca1f675c18bcf4b4cec580e32a060a9eb777fc6fc89de5e240bfdd8d6b532b11513fe0f2ae8d744ca5b0a8d696

  • SSDEEP

    12288:e/8ohrqawakjYeF4/SiotZwJRa2vLPjfx5m84prF:uNqawakjYeF4/SiotZwJRa2vLPjfx5m5

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 1 IoCs
  • Suspicious behavior: RenamesItself 1 IoCs
  • Suspicious use of UnmapMainImage 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\53802e04dc63d578e63746e7fdb69758825914764b3b737dfb9f4537ba45a3c1.exe
    "C:\Users\Admin\AppData\Local\Temp\53802e04dc63d578e63746e7fdb69758825914764b3b737dfb9f4537ba45a3c1.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious behavior: RenamesItself
    • Suspicious use of WriteProcessMemory
    PID:2924
    • C:\Users\Admin\AppData\Local\Temp\53802e04dc63d578e63746e7fdb69758825914764b3b737dfb9f4537ba45a3c1.exe
      C:\Users\Admin\AppData\Local\Temp\53802e04dc63d578e63746e7fdb69758825914764b3b737dfb9f4537ba45a3c1.exe
      2⤵
      • Deletes itself
      • Executes dropped EXE
      • Suspicious use of UnmapMainImage
      PID:2744

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • \Users\Admin\AppData\Local\Temp\53802e04dc63d578e63746e7fdb69758825914764b3b737dfb9f4537ba45a3c1.exe
          Filesize

          416KB

          MD5

          dcdac1874a2144d4e9b9d18ba1fe81b0

          SHA1

          c1dfe0e49faa1136cf8066db9d6f9df946a9dc59

          SHA256

          93e4ac1ef707eea6aaf56ab45ce1a179d4f8b4c4762194c9769b111bf5fdda6d

          SHA512

          93c8038baef1a69a64adb3a027f3cf8fe347719e5c301e015ef7f88fee72cecc9ae18fab91d025e32c7162be808f9dc7396b46bbfbfa2fbdca638650a31d92f6

          Download Submit

        • memory/2744-10-0x0000000000400000-0x0000000000439000-memory.dmp

          Filesize

          228KB

          Download

        • memory/2744-11-0x0000000000400000-0x000000000041A000-memory.dmp

          Filesize

          104KB

          Download

        • memory/2744-15-0x00000000002C0000-0x00000000002F9000-memory.dmp

          Filesize

          228KB

          Download

        • memory/2924-0-0x0000000000400000-0x0000000000439000-memory.dmp

          Filesize

          228KB

          Download

        • memory/2924-8-0x0000000000400000-0x0000000000439000-memory.dmp

          Filesize

          228KB

          Download