Overview

overview

7

Static

static

3

c07cb44daf...b2.exe

windows7-x64

7

c07cb44daf...b2.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    120s
  • max time network
    121s
  • platform
    windows7_x64
  • resource
    win7-20240215-en
  • resource tags

    arch:x64arch:x86image:win7-20240215-enlocale:en-usos:windows7-x64system
  • submitted
    11/03/2024, 11:33

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    c07cb44daf4ab409d821a53e382463b2.exe

  • Size

    1.9MB

  • MD5

    c07cb44daf4ab409d821a53e382463b2

  • SHA1

    f367029cfe10fabea9e9503b52f0a4d376f4615e

  • SHA256

    180e89ae101cc8104ad14fb55e09532d358fa37f62d2fa5c61cb2a074362edcc

  • SHA512

    836ff740cf77cdb9dfbd28e8366d441378b187da701511cf0482a802296a8b36ef71396f7f70d24b0d4ef5e86cddf5751c7937d03eb7a62010bfc68e979ae242

  • SSDEEP

    49152:Qoa1taC070drfNCWhjPww/jmASm2eVMLIC5Ws5vu:Qoa1taC0oVhjPww/jmMufE

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\c07cb44daf4ab409d821a53e382463b2.exe
    "C:\Users\Admin\AppData\Local\Temp\c07cb44daf4ab409d821a53e382463b2.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of WriteProcessMemory
    PID:2800
    • C:\Users\Admin\AppData\Local\Temp\115F.tmp
      "C:\Users\Admin\AppData\Local\Temp\115F.tmp" --splashC:\Users\Admin\AppData\Local\Temp\c07cb44daf4ab409d821a53e382463b2.exe 8EC7265FC1C89C9096631A3132D1CF2F4D6DAE73CCE0CF5C17B2F280BA08035EAADC5FB44269FC0E9349BC89387D24D6FA5BC5BC51EF4EC9462746D9B77731E8
      2⤵
      • Deletes itself
      • Executes dropped EXE
      PID:2288

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • \Users\Admin\AppData\Local\Temp\115F.tmp
          Filesize

          1.9MB

          MD5

          5851421e38399a769cced9b69124b4d0

          SHA1

          310242811c7b4942dfbb79296b79bd955ff6f0fe

          SHA256

          78731cabd053ffe5c719eec83c11538d3b166486f71f1f4a16a4749735b2bfc4

          SHA512

          33af8a74fe3d74e8497f9c3acb5cd3699ca894ddf6f809044af25e1f5f9c656208a833e3fc20eecb18cfecdef804490cd1638482c706f751270b61e07cca3f01

          Download Submit

        • memory/2288-6-0x0000000000400000-0x00000000005E6000-memory.dmp

          Filesize

          1.9MB

          Download

        • memory/2800-0-0x0000000000400000-0x00000000005E6000-memory.dmp

          Filesize

          1.9MB

          Download