Overview

overview

7

Static

static

3

a707e895f2...e5.exe

windows7-x64

7

a707e895f2...e5.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    119s
  • max time network
    121s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    12/03/2024, 23:37

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    a707e895f281aba46e6171aed03240c9e8cf5077322f6d5a5f8bbdd5751975e5.exe

  • Size

    557KB

  • MD5

    d4a402e235d6bd1f9d5d14486c0d8638

  • SHA1

    84151c98c5bd7f62719ba2efa849ff210edf2b84

  • SHA256

    a707e895f281aba46e6171aed03240c9e8cf5077322f6d5a5f8bbdd5751975e5

  • SHA512

    b18d45b55b7307a15ff9cf5714f5573a449091334db33b45f6a053f41249ed7286181ad9015b1eb3445658ab9a701ceb9b13a0ba75301f5fe23fce52fdc87738

  • SSDEEP

    12288:DWBm+95nHfF2mgewFl5Qw9Cav46r3Duhw1kfgjdkAev3dS59H:DWBz95ndbgfl5Qy146nuhgjTev3dS59H

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\a707e895f281aba46e6171aed03240c9e8cf5077322f6d5a5f8bbdd5751975e5.exe
    "C:\Users\Admin\AppData\Local\Temp\a707e895f281aba46e6171aed03240c9e8cf5077322f6d5a5f8bbdd5751975e5.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of WriteProcessMemory
    PID:2512
    • C:\Users\Admin\AppData\Local\Temp\23B6.tmp
      "C:\Users\Admin\AppData\Local\Temp\23B6.tmp" --pingC:\Users\Admin\AppData\Local\Temp\a707e895f281aba46e6171aed03240c9e8cf5077322f6d5a5f8bbdd5751975e5.exe 746CBCFA7CEB537A63A30F311D5E5C39F53719E448683355240BA904B86D2C172387D6D503E245FF72F86EB5B2823AB9822BFA93AB45648B2CD62754E48DA0B9
      2⤵
      • Deletes itself
      • Executes dropped EXE
      PID:2196

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • \Users\Admin\AppData\Local\Temp\23B6.tmp
    Filesize

    557KB

    MD5

    a6d5eedfedda630a77e3f02b46de2b81

    SHA1

    f85505a5e460e0381115b5c85935c5eb254d894b

    SHA256

    920f4f067d0c038400516132c01284d968c4313479ffa4722d5a9d9add83f56c

    SHA512

    0eb3127e033070a60a4a33d656f16e66016f1eae23f8037d2d45d10738cdad50416700a7bcea6ac1116d348df6ed44adc64ad8a87a441ad1c5e2af04c94f1ab8

    Download Submit

  • memory/2196-7-0x0000000000400000-0x000000000048F000-memory.dmp

    Filesize

    572KB

    Download

  • memory/2196-8-0x0000000000400000-0x000000000048F000-memory.dmp

    Filesize

    572KB

    Download

  • memory/2512-0-0x0000000000400000-0x000000000048F000-memory.dmp

    Filesize

    572KB

    Download

  • memory/2512-6-0x0000000000400000-0x000000000048F000-memory.dmp

    Filesize

    572KB

    Download