Overview

overview

7

Static

static

3

d54372ef94...e1.exe

windows7-x64

7

d54372ef94...e1.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    150s
  • max time network
    152s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240226-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
  • submitted
    19/03/2024, 05:00

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    d54372ef94ef0a1fc6417fadd11d7ce1.exe

  • Size

    1.1MB

  • MD5

    d54372ef94ef0a1fc6417fadd11d7ce1

  • SHA1

    1ecf93ecd692f695ad9a40493b0c62141181f202

  • SHA256

    614980c151bd95cf549be843fb027875ac2f3b31b4401b862eb09f1a20698695

  • SHA512

    47750646d08ed47cd9173ff8ecfa1797178bebddf07a2730a14ce014eb8958beed5995e7b72ee45e0e98e936de33a297e90dd4a134362b4bcca4b8c7f51d072c

  • SSDEEP

    24576:qKeyxTAJj7PV/s4k+oW6itPl6pMurAJYMTIbtwYWVkO42:qKeyRA/t6+PMp2FStF2kW

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Drops file in Program Files directory 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\d54372ef94ef0a1fc6417fadd11d7ce1.exe
    "C:\Users\Admin\AppData\Local\Temp\d54372ef94ef0a1fc6417fadd11d7ce1.exe"
    1⤵
    • Drops file in Program Files directory
    • Suspicious use of WriteProcessMemory
    PID:372
    • C:\Program Files (x86)\oycbkfa\ktkeojwrd.exe
      "C:\Program Files (x86)\oycbkfa\ktkeojwrd.exe"
      2⤵
      • Executes dropped EXE
      PID:1916

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Program Files (x86)\oycbkfa\ktkeojwrd.exe
    Filesize

    1.1MB

    MD5

    60e7b52d12d8dcab432be2dadb440928

    SHA1

    acd60c229777081b7d494b5b56acbd00273713c1

    SHA256

    20dfad1bb8d2eda3282714663b4bea88f5bee57915b089c0722fc2a77d938375

    SHA512

    d661db9bb1c74d7efdde40883e486b8f0b214732bf71efdcd5aadc4d69d5313327d428a0af65ef9eb0c08bf067ea48f4869db1c134dd646eb0b39be206c051a3

    Download Submit

  • memory/372-0-0x0000000000400000-0x0000000000494000-memory.dmp

    Filesize

    592KB

    Download

  • memory/372-1-0x0000000000400000-0x0000000000494000-memory.dmp

    Filesize

    592KB

    Download

  • memory/372-6-0x0000000000400000-0x0000000000494000-memory.dmp

    Filesize

    592KB

    Download

  • memory/1916-7-0x0000000000400000-0x0000000000494000-memory.dmp

    Filesize

    592KB

    Download

  • memory/1916-8-0x0000000000400000-0x0000000000494000-memory.dmp

    Filesize

    592KB

    Download