7c25dac4fd97ac041aee989706ee614a2bf91f45f4ea4239898ed5d60d4cc52b

Analysis

max time kernel
3s
max time network
3s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
10/03/2024, 14:57

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

bee5f2fad8536de09059278ee803b902.exe
Size

9.4MB
MD5

bee5f2fad8536de09059278ee803b902
SHA1

869dcf08ef1f5d9fe23ef56986eec4c3d5041b65
SHA256

7c25dac4fd97ac041aee989706ee614a2bf91f45f4ea4239898ed5d60d4cc52b
SHA512

fd322f6b5016f316f74d0b5d6cfa8e2f3328852cf0818fd58864b57e757240bec6047a38a09b3f1d3e483227d11612eb14e2ab7b63b3bdf5e1f1c64f6b101964
SSDEEP

49152:EQFRHrmQG+wrmQG+brmQG+CQrmQG+wrxQG+CQrmQG+wrHIQG+wrJmQG+brmQG+CI:EcKOvpxZpxgYvpx62vpxdEvpx

Score

7^/10

Malware Config

Signatures

Executes dropped EXE 1 IoCs

pid	Process
2604	wtpjex.exe

Loads dropped DLL 2 IoCs

pid	Process
3032	bee5f2fad8536de09059278ee803b902.exe
3032	bee5f2fad8536de09059278ee803b902.exe

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 3032 wrote to memory of 2604	3032	bee5f2fad8536de09059278ee803b902.exe	28
PID 3032 wrote to memory of 2604	3032	bee5f2fad8536de09059278ee803b902.exe	28
PID 3032 wrote to memory of 2604	3032	bee5f2fad8536de09059278ee803b902.exe	28
PID 3032 wrote to memory of 2604	3032	bee5f2fad8536de09059278ee803b902.exe	28

C:\Users\Admin\AppData\Local\Temp\bee5f2fad8536de09059278ee803b902.exe
"C:\Users\Admin\AppData\Local\Temp\bee5f2fad8536de09059278ee803b902.exe"
1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
PID:3032
- C:\Users\Admin\AppData\Local\Temp\wtpjex.exe
  C:\Users\Admin\AppData\Local\Temp\wtpjex.exe -run C:\Users\Admin\AppData\Local\Temp\bee5f2fad8536de09059278ee803b902.exe
  2⤵
  - Executes dropped EXE
  PID:2604

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Temp\wtpjex.exe

Filesize
6.8MB

MD5
69f660f33e51746ea75442d4d655c4c1

SHA1
c01780d533e8025d46da73886692850195326c44

SHA256
fc94138c0874588c9a93ceace42326b52de0ae7a483e94bdd5f23ea13f006343

SHA512
6ad1e7ff0b8ec1531934105d11f01adab50ed5cbc99f2ff0a4546df85fcb0252267ff36789add8403ced6ede0391aaf52dffec34512f8479869eeb76543e3a40

Download Submit
C:\Users\Admin\AppData\Local\Temp\wtpjex.exe

Filesize
6.5MB

MD5
478ced5467009c48232ea9b0ebf581d2

SHA1
dbc1a0f6221c7b0675393131748ececbb307499e

SHA256
306e84e05c02e99f1317deea3ccf012243fdff378ca133fdf9dbea5a08d67357

SHA512
2d0ca8f76b7aba937a7e1064aceee288d33d20c75335b16c22de48c57005befcd8ee800a4c0c140383f37e1bc0d198edcb94a945c78c273fdac8632f8f40b247

Download Submit
C:\Users\Admin\AppData\Local\Temp\wtpjex.exe

Filesize
5.8MB

MD5
829998370a81463554d542fc8b53d943

SHA1
99037e2d8140506b3285e97e9b2a997c83197603

SHA256
3c0f228016abe7915d604d94b8c011ab357b59a815024c2cbfe688d319a92436

SHA512
cb2a67835721071b890e4cb79b8a9fc6d54a060e9d03e50b2108068f48948fba3532be0caa1e598aa0b823ccc15107713014f32116025c669e5cde88734ad248

Download Submit
\Users\Admin\AppData\Local\Temp\wtpjex.exe

Filesize
192KB

MD5
e37c01f65f5a809f52f49309d8252e6f

SHA1
1e981bbd031ca3729576b4bfe102fc5404bbcb0e

SHA256
95238a4a86669426a0f16e69634d9401ac62562604bcb7f7c385f58f4573e3d0

SHA512
8bf746d5b192a2f8de487d1f87b31609292996fe62ccc8f97df8c4db8d59a1a4090b8f3de15fc4f7a0059662d026ec91f0f8eb6f06a500b727de8c21643aaa1a

Download Submit
\Users\Admin\AppData\Local\Temp\wtpjex.exe

Filesize
7.3MB

MD5
759ab83affd4a198e5ded821f49cab8b

SHA1
f2ec4e0f1c1d6883ab9a0137f9ddc4f171b61985

SHA256
ac7a16af48f5696a48958be13e8b8c0b1443dc8699746d42c1a7c397d690e182

SHA512
e43c8a1ec8c110cef1ffacdc54f9cc3fdc561f21777d6f24a36b2197c69d92b3329d1f1eca0fa80ba0408bb77bcf3778be8d1f348ee23a428e099e7ba5466ebc

Download Submit
memory/2604-73-0x0000000002B00000-0x0000000002B01000-memory.dmp

Filesize
4KB

Download
memory/2604-72-0x0000000002B00000-0x0000000002B01000-memory.dmp

Filesize
4KB

Download
memory/3032-12-0x0000000001EE0000-0x0000000001EE1000-memory.dmp

Filesize
4KB

Download
memory/3032-37-0x0000000002BC0000-0x0000000002CC0000-memory.dmp

Filesize
1024KB

Download
memory/3032-10-0x0000000000590000-0x0000000000591000-memory.dmp

Filesize
4KB

Download
memory/3032-9-0x0000000002B10000-0x0000000002B11000-memory.dmp

Filesize
4KB

Download
memory/3032-8-0x00000000005B0000-0x00000000005B1000-memory.dmp

Filesize
4KB

Download
memory/3032-7-0x00000000003F0000-0x00000000003F1000-memory.dmp

Filesize
4KB

Download
memory/3032-6-0x0000000000250000-0x0000000000251000-memory.dmp

Filesize
4KB

Download
memory/3032-5-0x0000000000540000-0x0000000000541000-memory.dmp

Filesize
4KB

Download
memory/3032-3-0x00000000003E0000-0x00000000003E1000-memory.dmp

Filesize
4KB

Download
memory/3032-4-0x0000000000260000-0x0000000000261000-memory.dmp

Filesize
4KB

Download
memory/3032-27-0x0000000002370000-0x0000000002371000-memory.dmp

Filesize
4KB

Download
memory/3032-26-0x0000000002390000-0x0000000002391000-memory.dmp

Filesize
4KB

Download
memory/3032-25-0x0000000002350000-0x0000000002351000-memory.dmp

Filesize
4KB

Download
memory/3032-28-0x0000000002AF0000-0x0000000002AF6000-memory.dmp

Filesize
24KB

Download
memory/3032-24-0x0000000001F30000-0x0000000001F31000-memory.dmp

Filesize
4KB

Download
memory/3032-35-0x0000000002BC0000-0x0000000002CC0000-memory.dmp

Filesize
1024KB

Download
memory/3032-22-0x0000000002330000-0x0000000002331000-memory.dmp

Filesize
4KB

Download
memory/3032-21-0x0000000002340000-0x0000000002341000-memory.dmp

Filesize
4KB

Download
memory/3032-20-0x0000000002380000-0x0000000002381000-memory.dmp

Filesize
4KB

Download
memory/3032-19-0x0000000001F00000-0x0000000001F01000-memory.dmp

Filesize
4KB

Download
memory/3032-18-0x0000000001EF0000-0x0000000001EF1000-memory.dmp

Filesize
4KB

Download
memory/3032-29-0x0000000002BC0000-0x0000000002CC0000-memory.dmp

Filesize
1024KB

Download
memory/3032-17-0x0000000001EB0000-0x0000000001EB1000-memory.dmp

Filesize
4KB

Download
memory/3032-16-0x0000000001E80000-0x0000000001E81000-memory.dmp

Filesize
4KB

Download
memory/3032-15-0x0000000001EC0000-0x0000000001EC1000-memory.dmp

Filesize
4KB

Download
memory/3032-14-0x0000000001E90000-0x0000000001E91000-memory.dmp

Filesize
4KB

Download
memory/3032-13-0x0000000001EA0000-0x0000000001EA1000-memory.dmp

Filesize
4KB

Download
memory/3032-2-0x00000000005A0000-0x00000000005A1000-memory.dmp

Filesize
4KB

Download
memory/3032-31-0x0000000002BC0000-0x0000000002CC0000-memory.dmp

Filesize
1024KB

Download
memory/3032-32-0x0000000002BC0000-0x0000000002CC0000-memory.dmp

Filesize
1024KB

Download
memory/3032-11-0x0000000002B00000-0x0000000002B02000-memory.dmp

Filesize
8KB

Download
memory/3032-33-0x0000000002BC0000-0x0000000002CC0000-memory.dmp

Filesize
1024KB

Download
memory/3032-23-0x0000000002360000-0x0000000002361000-memory.dmp

Filesize
4KB

Download
memory/3032-36-0x0000000002BC0000-0x0000000002CC0000-memory.dmp

Filesize
1024KB

Download
memory/3032-34-0x0000000002BC0000-0x0000000002CC0000-memory.dmp

Filesize
1024KB

Download
memory/3032-38-0x0000000002BC0000-0x0000000002CC0000-memory.dmp

Filesize
1024KB

Download
memory/3032-39-0x0000000002BC0000-0x0000000002CC0000-memory.dmp

Filesize
1024KB

Download
memory/3032-40-0x0000000002BC0000-0x0000000002CC0000-memory.dmp

Filesize
1024KB

Download
memory/3032-41-0x0000000002BC0000-0x0000000002CC0000-memory.dmp

Filesize
1024KB

Download
memory/3032-42-0x0000000002BC0000-0x0000000002CC0000-memory.dmp

Filesize
1024KB

Download
memory/3032-43-0x0000000002BC0000-0x0000000002CC0000-memory.dmp

Filesize
1024KB

Download
memory/3032-44-0x0000000002BC0000-0x0000000002CC0000-memory.dmp

Filesize
1024KB

Download
memory/3032-45-0x0000000002BC0000-0x0000000002CC0000-memory.dmp

Filesize
1024KB

Download
memory/3032-46-0x0000000002BC0000-0x0000000002CC0000-memory.dmp

Filesize
1024KB

Download
memory/3032-47-0x0000000002BC0000-0x0000000002CC0000-memory.dmp

Filesize
1024KB

Download
memory/3032-48-0x0000000002BC0000-0x0000000002CC0000-memory.dmp

Filesize
1024KB

Download
memory/3032-49-0x0000000002BC0000-0x0000000002CC0000-memory.dmp

Filesize
1024KB

Download
memory/3032-50-0x0000000002BC0000-0x0000000002CC0000-memory.dmp

Filesize
1024KB

Download
memory/3032-51-0x0000000002BC0000-0x0000000002CC0000-memory.dmp

Filesize
1024KB

Download
memory/3032-53-0x0000000002BA0000-0x0000000002BA1000-memory.dmp

Filesize
4KB

Download
memory/3032-55-0x00000000001B0000-0x00000000001B1000-memory.dmp

Filesize
4KB

Download
memory/3032-58-0x00000000001C0000-0x00000000001C1000-memory.dmp

Filesize
4KB

Download
memory/3032-59-0x0000000002B40000-0x0000000002B41000-memory.dmp

Filesize
4KB

Download
memory/3032-54-0x0000000002BB0000-0x0000000002BB1000-memory.dmp

Filesize
4KB

Download
memory/3032-64-0x0000000002B30000-0x0000000002B31000-memory.dmp

Filesize
4KB

Download
memory/3032-66-0x0000000002B20000-0x0000000002B21000-memory.dmp

Filesize
4KB

Download
memory/3032-67-0x0000000000400000-0x0000000000536000-memory.dmp

Filesize
1.2MB

Download
memory/3032-70-0x0000000002B90000-0x0000000002B91000-memory.dmp

Filesize
4KB

Download
memory/3032-69-0x0000000001D30000-0x0000000001D80000-memory.dmp

Filesize
320KB

Download
memory/3032-1-0x0000000001D30000-0x0000000001D80000-memory.dmp

Filesize
320KB

Download
memory/3032-0-0x0000000000400000-0x0000000000536000-memory.dmp

Filesize
1.2MB

Download
memory/3032-68-0x00000000005F0000-0x00000000005F1000-memory.dmp

Filesize
4KB

Download
memory/3032-52-0x00000000005F0000-0x00000000005F1000-memory.dmp

Filesize
4KB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads