Overview

overview

7

Static

static

3

8b239cdbfe...31.exe

windows7-x64

7

8b239cdbfe...31.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    121s
  • max time network
    124s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    08-03-2024 20:54

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    8b239cdbfef7d7548d2c90346f8b2c672fad96c4776c4eab3536cec3de1d6331.exe

  • Size

    192KB

  • MD5

    96952c967785066bc967b32f5c872cd8

  • SHA1

    fef744d200a63aae14bf0ead86c365bef6744155

  • SHA256

    8b239cdbfef7d7548d2c90346f8b2c672fad96c4776c4eab3536cec3de1d6331

  • SHA512

    c3f1b9a1c125d4ae5c2ae535d36e8cb7305b60cb5ff7579d505365cf787c3ae8f50fe9aba1749ccf4a5026c539e569f19e000f261050987e9441d176eacf2203

  • SSDEEP

    3072:X57bDPy1K271oZvVLczuDrjdGzgvcTMvgWih9lPMU97yHzoVkCl8BsYkjLlNNNIC:Jbjw76rjBkNWihRys+I8BEjLlNIDEqZq

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 1 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious behavior: RenamesItself 1 IoCs
  • Suspicious use of UnmapMainImage 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\8b239cdbfef7d7548d2c90346f8b2c672fad96c4776c4eab3536cec3de1d6331.exe
    "C:\Users\Admin\AppData\Local\Temp\8b239cdbfef7d7548d2c90346f8b2c672fad96c4776c4eab3536cec3de1d6331.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious behavior: RenamesItself
    • Suspicious use of WriteProcessMemory
    PID:2992
    • C:\Users\Admin\AppData\Local\Temp\8b239cdbfef7d7548d2c90346f8b2c672fad96c4776c4eab3536cec3de1d6331.exe
      C:\Users\Admin\AppData\Local\Temp\8b239cdbfef7d7548d2c90346f8b2c672fad96c4776c4eab3536cec3de1d6331.exe
      2⤵
      • Deletes itself
      • Executes dropped EXE
      • Suspicious behavior: GetForegroundWindowSpam
      • Suspicious use of UnmapMainImage
      PID:2168

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • \Users\Admin\AppData\Local\Temp\8b239cdbfef7d7548d2c90346f8b2c672fad96c4776c4eab3536cec3de1d6331.exe
    Filesize

    192KB

    MD5

    0c25268e2a4bdf7dd491338c7645b44b

    SHA1

    222cf2fa11eeb0fceba9dad8a705fe348b2b8379

    SHA256

    2b9909c32e4de5a42b92d3058bbd4d70870700a53bbe4325f0b640a42f9a74ee

    SHA512

    5ab94970a505478ab73a88703f9d57cb103dbc8e0919566a16113edb9b7120f99278b555486fdec0ca6d11f99195498e7315c1bd78d85391bf0970b032019ce9

    Download Submit

  • memory/2168-11-0x0000000000400000-0x0000000000438000-memory.dmp

    Filesize

    224KB

    Download

  • memory/2168-12-0x0000000000400000-0x0000000000415000-memory.dmp

    Filesize

    84KB

    Download

  • memory/2992-0-0x0000000000400000-0x0000000000438000-memory.dmp

    Filesize

    224KB

    Download

  • memory/2992-9-0x0000000000400000-0x0000000000438000-memory.dmp

    Filesize

    224KB

    Download

  • memory/2992-6-0x0000000000130000-0x0000000000168000-memory.dmp

    Filesize

    224KB

    Download