Overview

overview

7

Static

static

3

23b41ad1bd...f4.exe

windows7-x64

7

23b41ad1bd...f4.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    137s
  • max time network
    142s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240226-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
  • submitted
    12/03/2024, 18:39

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    23b41ad1bd68c80d237a752c64e1b4e1cbdab94b87da97155a50c1a8d1210df4.exe

  • Size

    7.0MB

  • MD5

    92207bbfa673152e59b594d91e82f1f8

  • SHA1

    b1a571c5dd55d8664c05ec96ae3283c71c171b99

  • SHA256

    23b41ad1bd68c80d237a752c64e1b4e1cbdab94b87da97155a50c1a8d1210df4

  • SHA512

    dc8f37973fae4d6ac35202ddf2b0fc3fb16ee251fc3da0b1d7a2d585dcad648a199c95be89485a8eefaf5e70b02a0fc31686f2c1441f6b7dd6cd61ec39a7dd6f

  • SSDEEP

    98304:emhd1Urye+YY9yzqxpwV7wQqZUha5jtSyZIUbn:el/zqxy2QbaZtliK

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\23b41ad1bd68c80d237a752c64e1b4e1cbdab94b87da97155a50c1a8d1210df4.exe
    "C:\Users\Admin\AppData\Local\Temp\23b41ad1bd68c80d237a752c64e1b4e1cbdab94b87da97155a50c1a8d1210df4.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:4968
    • C:\Users\Admin\AppData\Local\Temp\319F.tmp
      "C:\Users\Admin\AppData\Local\Temp\319F.tmp" --splashC:\Users\Admin\AppData\Local\Temp\23b41ad1bd68c80d237a752c64e1b4e1cbdab94b87da97155a50c1a8d1210df4.exe 79F3E1936A9AB2771CFD1A1B3C9855823844EAC53069F9B5DC2741C6CDF70FC2E8CE291764183889251EAEDDA65A92C9E3488EB560B51523437AF394EB9F6432
      2⤵
      • Deletes itself
      • Executes dropped EXE
      PID:1356

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\Local\Temp\319F.tmp
          Filesize

          7.0MB

          MD5

          1bdad6ca03e819d399b9c4fd7d15338f

          SHA1

          1d34cd2172e7744b3a0b1e99881c3a918999e148

          SHA256

          e6924a6987c1830b946040855f7e7c1066c13b45872ae4991faa91554387f1ac

          SHA512

          def107138e49612c8c0d13c565d8284badba33bdfe9181abfafb918d2902681e86148c35d7354a28e8af7ceb3410682b2f3924007f997c371070674e4b6705fe

          Download Submit

        • memory/1356-5-0x0000000000400000-0x0000000000849000-memory.dmp

          Filesize

          4.3MB

          Download

        • memory/4968-0-0x0000000000400000-0x0000000000849000-memory.dmp

          Filesize

          4.3MB

          Download