Overview

overview

7

Static

static

3

d5b6a309b1...3d.exe

windows7-x64

7

d5b6a309b1...3d.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    1s
  • max time network
    7s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240226-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
  • submitted
    19/03/2024, 08:55

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    d5b6a309b12a2f0a185207da2adadd3d.exe

  • Size

    471KB

  • MD5

    d5b6a309b12a2f0a185207da2adadd3d

  • SHA1

    a3e52897f14cacbc0da9f7053a4ac302a165cb14

  • SHA256

    12b58d53ddc77d81ea3de8f7761ba36e552e57f5c3c95853799f3e8d4e72876f

  • SHA512

    e617090d3a42eae06760e3af60368cd8fc6903246db671a1c208e6fba63539b1c7a6a730b403bf03205cfed59959abf7c3d3423a52b66c5593835d2a2179f126

  • SSDEEP

    6144:Ww0uS4HrtXRGPRX2YIe4GQYMb9bn6DtcvW4LHJ2SkArBylSD:jA4ZX4Jae4GRMRmpRKp2S5Bp

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\d5b6a309b12a2f0a185207da2adadd3d.exe
    "C:\Users\Admin\AppData\Local\Temp\d5b6a309b12a2f0a185207da2adadd3d.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:4736
    • C:\Windows\SysWOW64\regsvr32.exe
      regsvr32.exe "C:\Users\Admin\AppData\Local\Temp\\~0E574C4B.tmp"
      2⤵
      • Loads dropped DLL
      PID:764

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\Local\Temp\~0E574C4B.tmp
          Filesize

          380KB

          MD5

          4dde5b5c9f67f6f8df25d5a1d53601ae

          SHA1

          4a85954ff0dcbf7c464d2a52bf8fee06e51e06dc

          SHA256

          c7161db7161d34d3ab5757f5c60e683535c92e0f20747b6de60ed2f53943eced

          SHA512

          1ef4aa864711a781a30f5e2ef572d9f854b5661b4ab748a788ad05a235d78fead3843cc0e08e3981f5b60cd3cd21416e9ebcd155ba481c1ae9f0c2233bec1eec

          Download Submit

        • memory/764-11-0x0000000010000000-0x0000000010060000-memory.dmp

          Filesize

          384KB

          Download

        • memory/764-13-0x0000000010000000-0x0000000010037000-memory.dmp

          Filesize

          220KB

          Download

        • memory/764-15-0x0000000000DF0000-0x0000000000DF2000-memory.dmp

          Filesize

          8KB

          Download

        • memory/4736-0-0x0000000000400000-0x0000000000475000-memory.dmp

          Filesize

          468KB

          Download

        • memory/4736-2-0x0000000000400000-0x0000000000453000-memory.dmp

          Filesize

          332KB

          Download

        • memory/4736-4-0x0000000002330000-0x0000000002332000-memory.dmp

          Filesize

          8KB

          Download

        • memory/4736-7-0x0000000000400000-0x0000000000453000-memory.dmp

          Filesize

          332KB

          Download