Overview

overview

7

Static

static

3

a707e895f2...e5.exe

windows7-x64

7

a707e895f2...e5.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    150s
  • max time network
    156s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240226-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
  • submitted
    12/03/2024, 23:37

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    a707e895f281aba46e6171aed03240c9e8cf5077322f6d5a5f8bbdd5751975e5.exe

  • Size

    557KB

  • MD5

    d4a402e235d6bd1f9d5d14486c0d8638

  • SHA1

    84151c98c5bd7f62719ba2efa849ff210edf2b84

  • SHA256

    a707e895f281aba46e6171aed03240c9e8cf5077322f6d5a5f8bbdd5751975e5

  • SHA512

    b18d45b55b7307a15ff9cf5714f5573a449091334db33b45f6a053f41249ed7286181ad9015b1eb3445658ab9a701ceb9b13a0ba75301f5fe23fce52fdc87738

  • SSDEEP

    12288:DWBm+95nHfF2mgewFl5Qw9Cav46r3Duhw1kfgjdkAev3dS59H:DWBz95ndbgfl5Qy146nuhgjTev3dS59H

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\a707e895f281aba46e6171aed03240c9e8cf5077322f6d5a5f8bbdd5751975e5.exe
    "C:\Users\Admin\AppData\Local\Temp\a707e895f281aba46e6171aed03240c9e8cf5077322f6d5a5f8bbdd5751975e5.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:4828
    • C:\Users\Admin\AppData\Local\Temp\7772.tmp
      "C:\Users\Admin\AppData\Local\Temp\7772.tmp" --pingC:\Users\Admin\AppData\Local\Temp\a707e895f281aba46e6171aed03240c9e8cf5077322f6d5a5f8bbdd5751975e5.exe 9386C404B5A482F3DBE76FC211C2FD0EA97A22CB64AE5B02B71F377772EA854DC917DBBA42CC775C3CDCF571F19422C98A46D044ABE08B369188ABF21F86F39C
      2⤵
      • Deletes itself
      • Executes dropped EXE
      PID:2868

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\7772.tmp
    Filesize

    557KB

    MD5

    24d6c7f4ce120f3c9dd1f45134cc95a4

    SHA1

    36fcf55f030058bd9f99c72db24b329361d74c26

    SHA256

    3a38fce74442f6d1d73aedde5fd54b55985aba419640cd219f67c946be7e96c2

    SHA512

    b31cd24a61f96fb9c3ecb19857bd00e78b0990b89d5ab1c8d5e49d657845cbe5eacd341176a51557be8089ceae3023d3382e6edefd0974abeef5428125b37c8f

    Download Submit

  • memory/2868-6-0x0000000000400000-0x000000000048F000-memory.dmp

    Filesize

    572KB

    Download

  • memory/2868-7-0x0000000000400000-0x000000000048F000-memory.dmp

    Filesize

    572KB

    Download

  • memory/4828-0-0x0000000000400000-0x000000000048F000-memory.dmp

    Filesize

    572KB

    Download

  • memory/4828-5-0x0000000000400000-0x000000000048F000-memory.dmp

    Filesize

    572KB

    Download