Overview

overview

7

Static

static

3

be32b6da0d...0c.exe

windows7-x64

7

be32b6da0d...0c.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    120s
  • max time network
    121s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    10/03/2024, 08:58

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    be32b6da0d08a5ea74a4851835f5500c.exe

  • Size

    1.9MB

  • MD5

    be32b6da0d08a5ea74a4851835f5500c

  • SHA1

    7c61da880137332403367a475fed1b8ccdf6cfef

  • SHA256

    881ec48553468d9245a112ede1f1695d0983d9013982fc54e0c1481745cf3284

  • SHA512

    7dcb981ac9310e1396056f046a1edfaed703c82d7b366f8a27c1240a3ff98b33edef076c3afa55a7fc9ffc1b0b64662a2f9821c517781a69f39d400ee575ce21

  • SSDEEP

    49152:Qoa1taC070dW3jjyI0obd3OMG+x5Ay3rlAcx:Qoa1taC0FiI0obd3OMvLAyBP

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\be32b6da0d08a5ea74a4851835f5500c.exe
    "C:\Users\Admin\AppData\Local\Temp\be32b6da0d08a5ea74a4851835f5500c.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of WriteProcessMemory
    PID:2192
    • C:\Users\Admin\AppData\Local\Temp\2E9F.tmp
      "C:\Users\Admin\AppData\Local\Temp\2E9F.tmp" --splashC:\Users\Admin\AppData\Local\Temp\be32b6da0d08a5ea74a4851835f5500c.exe AD03CB13AEA1C0575B84AC6262DD1A6D5CB35B94C7298B014BC4DAD4501202AEAB6D5CD469A4AC68D55A8674245CB6B0E767A22E087892E35CCEC43CAAB68734
      2⤵
      • Deletes itself
      • Executes dropped EXE
      PID:2208

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • \Users\Admin\AppData\Local\Temp\2E9F.tmp
    Filesize

    1.9MB

    MD5

    0579c7399bbd0629d8192bf05860637d

    SHA1

    07e4dd79fb0f49bf4aa94ea0e18106d975c71531

    SHA256

    5e6ccbcd4722303383fddb4475140a5a152b26277f46cf41e6bfe6793513d132

    SHA512

    0d2baac58be54246588a4a916b593db4e178fc6bd46ef2f2210b0bcfa452ab30ede19bc3b11227c40350c6b32a37f2b076d3eb42e4d5af053c6781b555faa2af

    Download Submit

  • memory/2192-0-0x0000000000400000-0x00000000005E6000-memory.dmp

    Filesize

    1.9MB

    Download

  • memory/2208-6-0x0000000000400000-0x00000000005E6000-memory.dmp

    Filesize

    1.9MB

    Download