Overview

overview

7

Static

static

3

cc4c94d5b7...97.exe

windows7-x64

7

cc4c94d5b7...97.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    170s
  • max time network
    158s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240226-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
  • submitted
    15-03-2024 20:01

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    cc4c94d5b7fca4e531681cdc0ef11197.exe

  • Size

    1.9MB

  • MD5

    cc4c94d5b7fca4e531681cdc0ef11197

  • SHA1

    ae3c36471ea4dbbdb9a7cded3f78db43215e3d53

  • SHA256

    37df25f95012c2a364f2984243bb1ac43e6d24238e10dbd28706b748174a4514

  • SHA512

    eefed89ed78859ea8081498e77689f05ee708d71ce68b50e79345b95be5627e63b08fd829b1b425aa9ed2baa45e09074a19a721da92761d7d05dd954ea2b72bf

  • SSDEEP

    49152:Qoa1taC070dIH04KcHmffo/iOuXQ+KB24Y0l6OP:Qoa1taC09Ijg/iJA+xf0N

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\cc4c94d5b7fca4e531681cdc0ef11197.exe
    "C:\Users\Admin\AppData\Local\Temp\cc4c94d5b7fca4e531681cdc0ef11197.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:3088
    • C:\Users\Admin\AppData\Local\Temp\CDC0.tmp
      "C:\Users\Admin\AppData\Local\Temp\CDC0.tmp" --splashC:\Users\Admin\AppData\Local\Temp\cc4c94d5b7fca4e531681cdc0ef11197.exe D8C933FF32B5A0C696292AF2DD83976EA2FF683A63720348596600C55B6ACDC6B140D3A19E5D556130BE357A2A8A79C34A6B8E526B7A7CCC12178DFAD1FB7600
      2⤵
      • Deletes itself
      • Executes dropped EXE
      PID:3852

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\CDC0.tmp
    Filesize

    1.9MB

    MD5

    74691bc9494b31881f72a955a580bd93

    SHA1

    5e0c4c74b35af6ffb99a681ae4e7040785c525cb

    SHA256

    6bb0f7fdac561750347abc92d8f26f24fb4866c4bc969c84a714c47c5d1b4575

    SHA512

    437f686183b15b00073e00839d8db3fd78255b2c50049b4372bad320978235375543bfce117ad63c5d15766f9062ee7b6f9e1162c2eff2c0017c5e3ad845236b

    Download Submit

  • memory/3088-0-0x0000000000400000-0x00000000005E6000-memory.dmp

    Filesize

    1.9MB

    Download

  • memory/3852-5-0x0000000000400000-0x00000000005E6000-memory.dmp

    Filesize

    1.9MB

    Download