Overview

overview

7

Static

static

3

de31cdb18d...7b.exe

windows7-x64

7

de31cdb18d...7b.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    149s
  • max time network
    150s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240226-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
  • submitted
    25/03/2024, 14:09

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    de31cdb18d91e813d8df9106b90cde7b.exe

  • Size

    1.9MB

  • MD5

    de31cdb18d91e813d8df9106b90cde7b

  • SHA1

    51234aeda8e07ec1a51ee0be00cd1ff681d2848e

  • SHA256

    138f784f8dfc7c9d631dd40d5b22bfd4aa3409f7664506d527f58f3bccb245d5

  • SHA512

    3397ddd1b189e3382735d9048792fc04327b3250833dc87e379eb6b33834692ddce26ee8f10db96ccd5a8c992b42e50c6b62d86a6eadc68a7d6a4a35c59ed609

  • SSDEEP

    24576:N2oo60HPdt+1CRiY2eOBvcj3u10dtxE2AqteUU9IV1ofHv9mR0p/iT7vei/P8SOB:Qoa1taC070ds2Aaez9u8Hv940y7v9i

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\de31cdb18d91e813d8df9106b90cde7b.exe
    "C:\Users\Admin\AppData\Local\Temp\de31cdb18d91e813d8df9106b90cde7b.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:3216
    • C:\Users\Admin\AppData\Local\Temp\38F2.tmp
      "C:\Users\Admin\AppData\Local\Temp\38F2.tmp" --splashC:\Users\Admin\AppData\Local\Temp\de31cdb18d91e813d8df9106b90cde7b.exe A4CA32E8A59D54E34D77ACC4F3516F6D8C079225021C78D4F6D57DBDCEF027F9DF17B005E61BF7A7483B3F6E0DB8678F6A2C4394F578D12FE7233B7709AA1B36
      2⤵
      • Deletes itself
      • Executes dropped EXE
      PID:720

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\Local\Temp\38F2.tmp
          Filesize

          1.9MB

          MD5

          f55dee2d0f6ab6a7130fab1ef226e961

          SHA1

          65d5ececc956d958b552adffe910ec68343cdce2

          SHA256

          59f5b741c70d4566d3f7c340aaa764c88aeed0d8490be3213dc1c1b55b646389

          SHA512

          b37f8aa905b4a0c7c2d6c70da7005a4ce47e7c077acb082ec1d12ef23d8737e0eb650cb14adf91b3973f654f8b6a423d0ba6755a25bf6e54ca9a1d99052278dd

          Download Submit

        • memory/720-5-0x0000000000400000-0x00000000005E6000-memory.dmp

          Filesize

          1.9MB

          Download

        • memory/3216-0-0x0000000000400000-0x00000000005E6000-memory.dmp

          Filesize

          1.9MB

          Download