Overview

overview

10

Static

static

3

test - Cop...py.exe

windows7-x64

3

test - Cop...py.exe

windows10-2004-x64

10

test - Cop...py.exe

windows7-x64

3

test - Cop...py.exe

windows10-2004-x64

10

test - Cop...2).exe

windows7-x64

3

test - Cop...2).exe

windows10-2004-x64

10

test - Cop...py.exe

windows7-x64

3

test - Cop...py.exe

windows10-2004-x64

10

test - Cop...3).exe

windows7-x64

3

test - Cop...3).exe

windows10-2004-x64

10

test - Cop...py.exe

windows7-x64

3

test - Cop...py.exe

windows10-2004-x64

10

test - Cop...4).exe

windows7-x64

3

test - Cop...4).exe

windows10-2004-x64

7

test - Cop...py.exe

windows7-x64

3

test - Cop...py.exe

windows10-2004-x64

10

test - Cop...2).exe

windows7-x64

3

test - Cop...2).exe

windows10-2004-x64

10

test - Cop...3).exe

windows7-x64

3

test - Cop...3).exe

windows10-2004-x64

10

test - Cop...2).exe

windows7-x64

3

test - Cop...2).exe

windows10-2004-x64

10

test - Cop...py.exe

windows7-x64

3

test - Cop...py.exe

windows10-2004-x64

10

test - Cop...py.exe

windows7-x64

3

test - Cop...py.exe

windows10-2004-x64

10

test - Cop...py.exe

windows7-x64

3

test - Cop...py.exe

windows10-2004-x64

10

test - Cop...py.exe

windows7-x64

3

test - Cop...py.exe

windows10-2004-x64

10

Resubmissions

13-03-2024 08:45

240313-knsznahb2w 10

13-03-2024 08:44

240313-knhtpaah68 10

13-03-2024 08:44

240313-km8cysha9v 10

13-03-2024 08:43

240313-kms82aah48 10

12-03-2024 18:00

240312-wlevsshe86 10

12-03-2024 17:57

240312-wjxylahe48 10

12-03-2024 17:55

240312-whm21afc7t 10

12-03-2024 17:54

240312-wg7p1sfc5y 10

12-03-2024 17:53

240312-wgg5csfc3y 10

12-03-2024 17:52

240312-wf31fahd58 10

Analysis

  • max time kernel
    837s
  • max time network
    841s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    13-03-2024 08:44

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    test - Copy - Copy (3) - Copy.exe

  • Size

    6KB

  • MD5

    4634098fe194204dc03f967cc0b19cd6

  • SHA1

    eaa58619c6cea9f148cec61ee504cd727b3e80d8

  • SHA256

    a1070b8803e4243699a44a77e60a199282814495bc3bd94759c07021c0a6c70c

  • SHA512

    64e97fac56a25daf99f8ee1a9f480acc8020d5da4eb96ea77022c9170f6300b7b5479fce86e3e7e088cdaabdf123b65872e09b0ae17f8f97ea2fe58b6ecf7a9d

  • SSDEEP

    96:2Fb158Vgo4CVvAXklfZT8kYl9RxxgAVNb8ICcGKzNt:oMV1vAX+8kYDRxbLh4s

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\test - Copy - Copy (3) - Copy.exe
    "C:\Users\Admin\AppData\Local\Temp\test - Copy - Copy (3) - Copy.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2336
    • C:\Windows\system32\cmd.exe
      cmd /c ""C:\Users\Admin\AppData\Local\Temp\8wVxypKb.bat" "
      2⤵
        PID:2128

    Network

    MITRE ATT&CK Enterprise v15

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • C:\Users\Admin\AppData\Local\Temp\8wVxypKb.bat
      Filesize

      421B

      MD5

      67d11b392feb0ad59fc11ff3e79dfeee

      SHA1

      7df5785988cb76c4893773614572c93baaa18717

      SHA256

      69bcf6c4c959410d5857ac219600cec68035bd92e708c0bf7318eece8d5acb9d

      SHA512

      50835d7dccb22cbf052a64ce2dd50df97f726b1d2044ab0e55ba42a2874601b6fe064f84659f89ce079627d147cf49d9548b24b2160a17783b934c6793507f11

      Download Submit

    • memory/2336-0-0x00000000009E0000-0x00000000009E8000-memory.dmp

      Filesize

      32KB

      Download

    • memory/2336-3-0x000007FEF54C0000-0x000007FEF5EAC000-memory.dmp

      Filesize

      9.9MB

      Download

    • memory/2336-12-0x000007FEF54C0000-0x000007FEF5EAC000-memory.dmp

      Filesize

      9.9MB

      Download