Overview

overview

7

Static

static

3

dfe46b20f1...e7.exe

windows7-x64

7

dfe46b20f1...e7.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    93s
  • max time network
    120s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
  • submitted
    26/03/2024, 19:11

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    dfe46b20f14845d0744977d937d912e7.exe

  • Size

    82KB

  • MD5

    dfe46b20f14845d0744977d937d912e7

  • SHA1

    cfb7d8d145e54fc02fc1c25d816061c0093b7982

  • SHA256

    52c7326a6a38f0faca74af8756ae55e9ab3bed66df332b8251c04b8d672a78b2

  • SHA512

    1b151139217fb8c8d979f8cd3014bf9ccef40befb51e979eb05ba9037df353daafe6b83308e12a08e554c943c547d21cdff0a5287f783cc63ba0bd20c992d609

  • SSDEEP

    1536:UJO0UxpYyQgBVA9QD0PjPCMXFoc+/09TbQx/Yx8vEH79OT3W1tXYy5hlY:WWxOiB+QaC3T/kTbgAyvEb4eXYy6

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Suspicious behavior: RenamesItself 1 IoCs
  • Suspicious use of UnmapMainImage 2 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\dfe46b20f14845d0744977d937d912e7.exe
    "C:\Users\Admin\AppData\Local\Temp\dfe46b20f14845d0744977d937d912e7.exe"
    1⤵
    • Suspicious behavior: RenamesItself
    • Suspicious use of UnmapMainImage
    • Suspicious use of WriteProcessMemory
    PID:1116
    • C:\Users\Admin\AppData\Local\Temp\dfe46b20f14845d0744977d937d912e7.exe
      C:\Users\Admin\AppData\Local\Temp\dfe46b20f14845d0744977d937d912e7.exe
      2⤵
      • Deletes itself
      • Executes dropped EXE
      • Suspicious use of UnmapMainImage
      PID:4856

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\dfe46b20f14845d0744977d937d912e7.exe
    Filesize

    82KB

    MD5

    462bfed2b83326cd4932aea5fca80f5e

    SHA1

    f55ca26cffca43862b18bf704a42cc54e412061b

    SHA256

    96df4f93e1ec51565df50c9881f45e7e5b48d90ee3858101b2df8e058495b3b1

    SHA512

    2746fcfffb4f0f4bf06aead46ba9d76943c28f1eb25ebcf7ef03bed468f41e735d60ca9acee790e95a1fba5a918a8da8717f3a3c6a1f57692e8843c04e655699

    Download Submit

  • memory/1116-0-0x0000000000400000-0x000000000042F000-memory.dmp

    Filesize

    188KB

    Download

  • memory/1116-1-0x0000000001430000-0x000000000145F000-memory.dmp

    Filesize

    188KB

    Download

  • memory/1116-2-0x0000000000400000-0x000000000041B000-memory.dmp

    Filesize

    108KB

    Download

  • memory/1116-12-0x0000000000400000-0x000000000041B000-memory.dmp

    Filesize

    108KB

    Download

  • memory/4856-16-0x0000000001430000-0x000000000145F000-memory.dmp

    Filesize

    188KB

    Download

  • memory/4856-13-0x0000000000400000-0x000000000042F000-memory.dmp

    Filesize

    188KB

    Download

  • memory/4856-20-0x0000000000400000-0x000000000040E000-memory.dmp

    Filesize

    56KB

    Download

  • memory/4856-25-0x0000000004DA0000-0x0000000004DBB000-memory.dmp

    Filesize

    108KB

    Download