Overview

overview

7

Static

static

3

c7b238b313...84.exe

windows7-x64

7

c7b238b313...84.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    118s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    14-03-2024 04:32

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    c7b238b313e58abff1e3c86ecfffe084.exe

  • Size

    1.1MB

  • MD5

    c7b238b313e58abff1e3c86ecfffe084

  • SHA1

    c37caaf5063176ed83c968f1cdbe4493c4a2ee9f

  • SHA256

    7e3cc1a0a7cbb171be733b3835d77dc0b1c8e6e2159b5e988b53752628f68282

  • SHA512

    1d72c03f43e39122e47e57817854387393bbe8c797819eab09f8992c6419a5ad08c00e1f5f5020fb100847878fe712a82aa47457011b7c3693dcb3d38ffbc263

  • SSDEEP

    24576:SypW9SgLNZaOdcTMuUvxIgAFOS2B6wl0zwkkX3+FpHcFPpgEjam1I0idjlQ:St9SgLNZa6xI3FdjzwkWWHcFPjrIl3Q

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\c7b238b313e58abff1e3c86ecfffe084.exe
    "C:\Users\Admin\AppData\Local\Temp\c7b238b313e58abff1e3c86ecfffe084.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of WriteProcessMemory
    PID:640
    • C:\Users\Admin\AppData\Local\Temp\93E6.tmp
      "C:\Users\Admin\AppData\Local\Temp\93E6.tmp" --pingC:\Users\Admin\AppData\Local\Temp\c7b238b313e58abff1e3c86ecfffe084.exe 56F67A0D097092F064D21D82B7E60A94D608274B2F8FD4D0574BCA4B523DB141033F51F40C9BC1A53B2D99584B3CB38D54C45986C34480D80C4518B1206B2B21
      2⤵
      • Deletes itself
      • Executes dropped EXE
      PID:1352

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • \Users\Admin\AppData\Local\Temp\93E6.tmp
    Filesize

    1.1MB

    MD5

    838d9713d1d0b66cfd831dcb2d4b7c34

    SHA1

    9bb8d9821ee98dfce29a321c281731b3ffb25e34

    SHA256

    4c2159388f8751bd947b410f70438cf3b7c6698b68baacdef48121b91115bcec

    SHA512

    23a3632d4968616100f0d6dd64d2377c64517f8c6ef4a23fd4353639613b71c16e6b996087079e9ffd462356f7cbbfaa9f845016108ec4a4e78d6cf2edc41009

    Download Submit

  • memory/640-1-0x00000000001F0000-0x0000000000240000-memory.dmp

    Filesize

    320KB

    Download

  • memory/640-0-0x00000000012C0000-0x0000000001405000-memory.dmp

    Filesize

    1.3MB

    Download

  • memory/1352-9-0x0000000000130000-0x0000000000180000-memory.dmp

    Filesize

    320KB

    Download

  • memory/1352-8-0x00000000010E0000-0x0000000001225000-memory.dmp

    Filesize

    1.3MB

    Download