Overview

overview

7

Static

static

3

caebe2600a...7a.exe

windows7-x64

7

caebe2600a...7a.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    119s
  • max time network
    137s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    15/03/2024, 08:17

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    caebe2600a300915a228e6d8aea9407a.exe

  • Size

    1.5MB

  • MD5

    caebe2600a300915a228e6d8aea9407a

  • SHA1

    1dbecc65f6fb58a9c491cdc8610df678dab2c964

  • SHA256

    cc0b2adddbb325c6351509e9ee55e0740a707b096a7b41996fb5abf219d93ef5

  • SHA512

    03c529452323ea2826a1969cd4ff9cd079147a21a59f6f15cd6bed61788426e8edcaa11bdabc38635d1f5b8f8a6ba4a69072ae6a17f1e90f6b79843fee0a7c8f

  • SSDEEP

    49152:lrq0R07QQm2l/Iy4clI/URomXWI+oT7QES:hq0+7Jl77lI/UzmIOES

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\caebe2600a300915a228e6d8aea9407a.exe
    "C:\Users\Admin\AppData\Local\Temp\caebe2600a300915a228e6d8aea9407a.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of WriteProcessMemory
    PID:2756
    • C:\Users\Admin\AppData\Local\Temp\ADDC.tmp
      "C:\Users\Admin\AppData\Local\Temp\ADDC.tmp" --pingC:\Users\Admin\AppData\Local\Temp\caebe2600a300915a228e6d8aea9407a.exe DB41C1E3603ECB9B090FF41EE67D3AD812067FC133323FB3B41617E95669B1DA2262BED4D207A45702BAA6564AFB8BD003A972FFC59AC87F778DB052A602744A
      2⤵
      • Deletes itself
      • Executes dropped EXE
      PID:2300

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • \Users\Admin\AppData\Local\Temp\ADDC.tmp
    Filesize

    1.5MB

    MD5

    7c5f332206b9ac627e59feaa96d9625f

    SHA1

    ddf79d55cd6573ba494e600813809f9019542b53

    SHA256

    2fade06cfaaaf135bb8dc0a46f0642971f4b84bc9d3a80cb4da1b25c641b8aef

    SHA512

    f7ed5e4843b6094c863d89cd19fcc5f6502b2851358f3b935fb9d1a445ae5e207e814169ff7981cf85100f1813178322ae7a2faaeeaf8b554331a9dee48fbcd4

    Download Submit

  • memory/2300-10-0x00000000002A0000-0x000000000031A000-memory.dmp

    Filesize

    488KB

    Download

  • memory/2300-9-0x0000000001170000-0x000000000133E000-memory.dmp

    Filesize

    1.8MB

    Download

  • memory/2756-0-0x0000000001D50000-0x0000000001DCA000-memory.dmp

    Filesize

    488KB

    Download

  • memory/2756-1-0x0000000000250000-0x000000000041E000-memory.dmp

    Filesize

    1.8MB

    Download

  • memory/2756-8-0x0000000001D50000-0x0000000001DCA000-memory.dmp

    Filesize

    488KB

    Download