Overview

overview

7

Static

static

3

c77c52ee54...a3.exe

windows7-x64

7

c77c52ee54...a3.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    118s
  • max time network
    121s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    14-03-2024 02:46

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    c77c52ee547d6ebe30a5a27020a9fba3.exe

  • Size

    1.9MB

  • MD5

    c77c52ee547d6ebe30a5a27020a9fba3

  • SHA1

    21ced22cecfd838ecc42df1fcdf559496087ca61

  • SHA256

    beee087eb16700e659673e8f235599715ac64744e5c13413b28e69721af677fa

  • SHA512

    ba4ab73e38c027e575e7390cd9a77b125ce8b08b23f0a46860a15c74a1198c659b80d6e6f4ba85c256dd512c63405d181bdd58d1693317701d1a34de699f3899

  • SSDEEP

    24576:N2oo60HPdt+1CRiY2eOBvcj3u10dqPHuhZd+w4lLdDb/8mT79+OdI7EWukHYmZMT:Qoa1taC070doCb+vd//3klboaKaPQH

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\c77c52ee547d6ebe30a5a27020a9fba3.exe
    "C:\Users\Admin\AppData\Local\Temp\c77c52ee547d6ebe30a5a27020a9fba3.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of WriteProcessMemory
    PID:1488
    • C:\Users\Admin\AppData\Local\Temp\532F.tmp
      "C:\Users\Admin\AppData\Local\Temp\532F.tmp" --splashC:\Users\Admin\AppData\Local\Temp\c77c52ee547d6ebe30a5a27020a9fba3.exe C7FEE227B5B1AF1E055CF63BF07FB3DC0F1DEC1E0A40996DCE8804773BD9387075156A55955303668FD3DC9698ECBBC380FE7579D25725015D8DD1285E9A73C5
      2⤵
      • Deletes itself
      • Executes dropped EXE
      PID:1956

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • \Users\Admin\AppData\Local\Temp\532F.tmp
    Filesize

    1.9MB

    MD5

    cb0f3a4f59584745394f53da8e05822c

    SHA1

    3de92cf29cbf71fc5916645fb57fe90bb2a942a9

    SHA256

    2069ab584e842db4ea61c5ee77471799d5a26ae285d08412b77915fc3480b652

    SHA512

    e5f096af28650a25a9b96acfa59851df16e53c09ed671ffab90bf6eb97672a9fe520b04067a700c12061d3edf5100d0a384ae49a905b31a04d36ebcd818cff3f

    Download Submit

  • memory/1488-0-0x0000000000400000-0x00000000005E6000-memory.dmp

    Filesize

    1.9MB

    Download

  • memory/1956-6-0x0000000000400000-0x00000000005E6000-memory.dmp

    Filesize

    1.9MB

    Download