Overview

overview

7

Static

static

3

66b75c65d2...97.exe

windows7-x64

7

66b75c65d2...97.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    120s
  • max time network
    124s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    27/03/2024, 20:53

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    66b75c65d2358f56e9dd95e4f0028ec7d2a788a2d6ad05d122e927a16705d297.exe

  • Size

    700KB

  • MD5

    25fc2e11b0a48877eae437e1e055344e

  • SHA1

    aa541c4a93b060f78d28c9dc6b0b49b849fa7e20

  • SHA256

    66b75c65d2358f56e9dd95e4f0028ec7d2a788a2d6ad05d122e927a16705d297

  • SHA512

    38c5f1bbf387b681488b45dc4d6a08c8eaee24035505796803c59f8e89f5b3c79f7f14556b50a1c0f6daf2616f810eb996d4ed5806b8ef3528082712a809baad

  • SSDEEP

    12288:iWBm+95nHfF2mgewFx5vgAggxfbXvPGOdPJfGp1kfgjdkAitv4aHlrc+6LAEOJ4h:iWBz95ndbgfx5vTgGTzNE+gjTitv4aH+

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\66b75c65d2358f56e9dd95e4f0028ec7d2a788a2d6ad05d122e927a16705d297.exe
    "C:\Users\Admin\AppData\Local\Temp\66b75c65d2358f56e9dd95e4f0028ec7d2a788a2d6ad05d122e927a16705d297.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of WriteProcessMemory
    PID:2380
    • C:\Users\Admin\AppData\Local\Temp\7243.tmp
      "C:\Users\Admin\AppData\Local\Temp\7243.tmp" --pingC:\Users\Admin\AppData\Local\Temp\66b75c65d2358f56e9dd95e4f0028ec7d2a788a2d6ad05d122e927a16705d297.exe 6095B88EAAAC331086B57119677E55B550F6F5F23018676FF380209822A9F613C5F7B46A561EE9BB6FF04C4F5EE6711575AB458AA3B252C8468DA1508AEFE4C7
      2⤵
      • Deletes itself
      • Executes dropped EXE
      PID:2488

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • \Users\Admin\AppData\Local\Temp\7243.tmp
          Filesize

          700KB

          MD5

          f2960043f35030ce29368be32525e433

          SHA1

          dc4046eb33d0741beffae4f21f2d4240b70d0f9d

          SHA256

          5413085fa620c005d2d641f47e3275647546bb3bb9d520b986b205b693f2fbf1

          SHA512

          068ee94a9ab437ae5257802baaeaa728952e8e76ac06890188dc8b173c7e2d8a89a0e8f391b81a9c9c02353b39a3a69a1b029bc2ea0dfa75458bf4ae5390f2e3

          Download Submit

        • memory/2380-0-0x0000000000400000-0x0000000000487000-memory.dmp

          Filesize

          540KB

          Download

        • memory/2380-5-0x0000000000400000-0x0000000000487000-memory.dmp

          Filesize

          540KB

          Download

        • memory/2380-6-0x0000000000340000-0x00000000003C7000-memory.dmp

          Filesize

          540KB

          Download

        • memory/2488-8-0x0000000000400000-0x0000000000487000-memory.dmp

          Filesize

          540KB

          Download

        • memory/2488-9-0x0000000000400000-0x0000000000487000-memory.dmp

          Filesize

          540KB

          Download