Overview

overview

7

Static

static

3

fbb826bbc3...66.exe

windows7-x64

7

fbb826bbc3...66.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    122s
  • max time network
    123s
  • platform
    windows7_x64
  • resource
    win7-20240220-en
  • resource tags

    arch:x64arch:x86image:win7-20240220-enlocale:en-usos:windows7-x64system
  • submitted
    13/03/2024, 02:45

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    fbb826bbc31a790d153413f186d24bec70b273d59068d8ed881d12bfbaa64666.exe

  • Size

    576KB

  • MD5

    91a36b4865cd1d4ef7fa75e45ef7692d

  • SHA1

    bba26f318345e98be0943a9b3bb34fab66aa0a5a

  • SHA256

    fbb826bbc31a790d153413f186d24bec70b273d59068d8ed881d12bfbaa64666

  • SHA512

    4f998806671f734fea5ae1ca81c2b38533066b3f0ca382f101b1aff64c0bf51d99fb55f7f6290d0fb2bf9700ae9b802c4963303abd57b4788062dc5c9dc1b3cd

  • SSDEEP

    12288:30MCimcN5QPFFBYiJQ2YBCCp3gmRcwuHUTh6XFRbf0ez0npM4dl0v5Jdm5IpXt1U:3RCTfyFTh6XFRbf0ezEM4dmv5BJtO

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 1 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious behavior: RenamesItself 1 IoCs
  • Suspicious use of UnmapMainImage 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\fbb826bbc31a790d153413f186d24bec70b273d59068d8ed881d12bfbaa64666.exe
    "C:\Users\Admin\AppData\Local\Temp\fbb826bbc31a790d153413f186d24bec70b273d59068d8ed881d12bfbaa64666.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious behavior: RenamesItself
    • Suspicious use of WriteProcessMemory
    PID:1992
    • C:\Users\Admin\AppData\Local\Temp\fbb826bbc31a790d153413f186d24bec70b273d59068d8ed881d12bfbaa64666.exe
      C:\Users\Admin\AppData\Local\Temp\fbb826bbc31a790d153413f186d24bec70b273d59068d8ed881d12bfbaa64666.exe
      2⤵
      • Deletes itself
      • Executes dropped EXE
      • Suspicious behavior: GetForegroundWindowSpam
      • Suspicious use of UnmapMainImage
      PID:2032

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • \Users\Admin\AppData\Local\Temp\fbb826bbc31a790d153413f186d24bec70b273d59068d8ed881d12bfbaa64666.exe
    Filesize

    576KB

    MD5

    ee0089f7f5af41210f9cba43ff3c3993

    SHA1

    e5b2ec717dad2315930cc51250a567a566aa9bec

    SHA256

    57dfab6dd45f63c39cecfc2625f0f9ae710ab88806d33861e7e9e13ecbfcefff

    SHA512

    8399f2ce9354aeb9898b982a383795a81af403bcfede631ed2863e360af0d24777c03e1cce3c7351c469d0c2175166e48acbedcedf6d727a11dd2547473a340b

    Download Submit

  • memory/1992-0-0x0000000000400000-0x0000000000440000-memory.dmp

    Filesize

    256KB

    Download

  • memory/1992-8-0x0000000000400000-0x0000000000440000-memory.dmp

    Filesize

    256KB

    Download

  • memory/2032-11-0x0000000000400000-0x0000000000415000-memory.dmp

    Filesize

    84KB

    Download

  • memory/2032-10-0x0000000000400000-0x0000000000440000-memory.dmp

    Filesize

    256KB

    Download

  • memory/2032-12-0x0000000000140000-0x0000000000180000-memory.dmp

    Filesize

    256KB

    Download