Overview

overview

7

Static

static

3

26cbfdd760...54.exe

windows7-x64

7

26cbfdd760...54.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    141s
  • max time network
    151s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240226-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
  • submitted
    25-03-2024 14:01

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    26cbfdd7603f862f20eba1c1c30e2cd29f29740274575bf70342e92f61c87f54.exe

  • Size

    4.9MB

  • MD5

    782b3e4dfc98025aec34111c427a7c2f

  • SHA1

    4b2dd2bde8ceb903899d6dff4f9cb4765b399b07

  • SHA256

    26cbfdd7603f862f20eba1c1c30e2cd29f29740274575bf70342e92f61c87f54

  • SHA512

    576b67f11a4e4754abe7cc713aa36ccbfa9ca445206e7882327fe6c84a8539939d5a52c9fdb05e9641784627dec498b2fb198216fca558b9cd87536ba8641838

  • SSDEEP

    98304:tiTy7XAiOnT0txhfb7lY9ek7qkQM3j5fVh+FKVHBfvsNhPtQzkmeq7xiTVO:tBDAiC59ek7qkQuthYKFBfytQwmZli5O

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\26cbfdd7603f862f20eba1c1c30e2cd29f29740274575bf70342e92f61c87f54.exe
    "C:\Users\Admin\AppData\Local\Temp\26cbfdd7603f862f20eba1c1c30e2cd29f29740274575bf70342e92f61c87f54.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:4304
    • C:\Users\Admin\AppData\Local\Temp\is-VI45M.tmp\26cbfdd7603f862f20eba1c1c30e2cd29f29740274575bf70342e92f61c87f54.tmp
      "C:\Users\Admin\AppData\Local\Temp\is-VI45M.tmp\26cbfdd7603f862f20eba1c1c30e2cd29f29740274575bf70342e92f61c87f54.tmp" /SL5="$90052,4306939,770048,C:\Users\Admin\AppData\Local\Temp\26cbfdd7603f862f20eba1c1c30e2cd29f29740274575bf70342e92f61c87f54.exe"
      2⤵
      • Executes dropped EXE
      PID:2428

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\is-VI45M.tmp\26cbfdd7603f862f20eba1c1c30e2cd29f29740274575bf70342e92f61c87f54.tmp
    Filesize

    3.0MB

    MD5

    dcded363d6161e2c56e1e8a49f82983d

    SHA1

    951b938ea4445785ee62eec71f4730cb9cc2b1c9

    SHA256

    e3b6353e736d8add9194c93fe5f87fb5fecada2599fef79aac144cd1ce8927b2

    SHA512

    72e1be99a3515c6943e065e537bcae29bb4b706284d2e4de55e4a9b56655db45c82fdd8a2ca36f2375376395cba14923a9ee07a405faa8f7eef9262c4421a84b

    Download Submit

  • memory/2428-5-0x0000000000D10000-0x0000000000D11000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2428-8-0x0000000000400000-0x000000000070F000-memory.dmp

    Filesize

    3.1MB

    Download

  • memory/2428-11-0x0000000000D10000-0x0000000000D11000-memory.dmp

    Filesize

    4KB

    Download

  • memory/4304-0-0x0000000000400000-0x00000000004C9000-memory.dmp

    Filesize

    804KB

    Download

  • memory/4304-7-0x0000000000400000-0x00000000004C9000-memory.dmp

    Filesize

    804KB

    Download