Overview

overview

7

Static

static

3

c07cb44daf...b2.exe

windows7-x64

7

c07cb44daf...b2.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    95s
  • max time network
    149s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
  • submitted
    11-03-2024 11:33

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    c07cb44daf4ab409d821a53e382463b2.exe

  • Size

    1.9MB

  • MD5

    c07cb44daf4ab409d821a53e382463b2

  • SHA1

    f367029cfe10fabea9e9503b52f0a4d376f4615e

  • SHA256

    180e89ae101cc8104ad14fb55e09532d358fa37f62d2fa5c61cb2a074362edcc

  • SHA512

    836ff740cf77cdb9dfbd28e8366d441378b187da701511cf0482a802296a8b36ef71396f7f70d24b0d4ef5e86cddf5751c7937d03eb7a62010bfc68e979ae242

  • SSDEEP

    49152:Qoa1taC070drfNCWhjPww/jmASm2eVMLIC5Ws5vu:Qoa1taC0oVhjPww/jmMufE

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\c07cb44daf4ab409d821a53e382463b2.exe
    "C:\Users\Admin\AppData\Local\Temp\c07cb44daf4ab409d821a53e382463b2.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2172
    • C:\Users\Admin\AppData\Local\Temp\49AB.tmp
      "C:\Users\Admin\AppData\Local\Temp\49AB.tmp" --splashC:\Users\Admin\AppData\Local\Temp\c07cb44daf4ab409d821a53e382463b2.exe 7837B3B1EACA80FB6F27DD16D75DBE50596714522818E31F4EE42F7CDEF021D8145C1719CFAA27DC3EC12BCF832E4957341EC46294614C101BD00B51E87914FB
      2⤵
      • Deletes itself
      • Executes dropped EXE
      PID:2156

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\49AB.tmp
    Filesize

    1.9MB

    MD5

    88cbbc3fb6a276b0eb7cc75c7ff463e2

    SHA1

    f8b94400a2ddeb213b91d30a3e335e5c12ef3e3e

    SHA256

    a717efb6ea66004a0f550fe3bd5291802dd8ec24feef56bc121ed49b62eac272

    SHA512

    da2ef3ba5f10b48dba5afdbc34106779e7399cd56121db8505dff43eba125c05f9d9022f60476d7ed3360fa57f5cb99cc1ed01aef6271c80e3d75bccfa5dd463

    Download Submit

  • memory/2156-5-0x0000000000400000-0x00000000005E6000-memory.dmp

    Filesize

    1.9MB

    Download

  • memory/2172-0-0x0000000000400000-0x00000000005E6000-memory.dmp

    Filesize

    1.9MB

    Download