Overview

overview

7

Static

static

3

c563ad5ba6...6a.exe

windows7-x64

7

c563ad5ba6...6a.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    149s
  • max time network
    150s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240226-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
  • submitted
    28/03/2024, 00:01

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    c563ad5ba6a46500da10a58d6ce603a5d8ec9d7ffe38752d7e48fef6390a866a.exe

  • Size

    486KB

  • MD5

    35e87e09bc6b50c6e0666de1fcc351a9

  • SHA1

    b192273adc72406fe5a358f7633a9bc260591b76

  • SHA256

    c563ad5ba6a46500da10a58d6ce603a5d8ec9d7ffe38752d7e48fef6390a866a

  • SHA512

    93e09f8fe350431976b92673e997ae0f4e666ebc2632175e2d00f789b75274ccd0f2d238f9d4d77f5216b9d28a6c3354a65c04c52a1305371feba2d978003561

  • SSDEEP

    12288:3O4rfItL8HPkp1iWRIMtZBZF486437rKxUYXhW:3O4rQtGPSoaIiZx8U3KxUYXhW

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\c563ad5ba6a46500da10a58d6ce603a5d8ec9d7ffe38752d7e48fef6390a866a.exe
    "C:\Users\Admin\AppData\Local\Temp\c563ad5ba6a46500da10a58d6ce603a5d8ec9d7ffe38752d7e48fef6390a866a.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:232
    • C:\Users\Admin\AppData\Local\Temp\442D.tmp
      "C:\Users\Admin\AppData\Local\Temp\442D.tmp" --helpC:\Users\Admin\AppData\Local\Temp\c563ad5ba6a46500da10a58d6ce603a5d8ec9d7ffe38752d7e48fef6390a866a.exe A3C541A54E09073FBAA4CAB3CAD35551869F2214CA1BE90D60C00605DF6AC25A97708A7862216FCEB70D3BE7770C23ECFCDD3E6B5B2B5B0A65A5815239299CB2
      2⤵
      • Deletes itself
      • Executes dropped EXE
      PID:2400

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\442D.tmp
    Filesize

    486KB

    MD5

    ada24d5af6921c8143c77ebcf4113c88

    SHA1

    c4669d7840c5b502d0794b908417852c7a69c8e7

    SHA256

    e328c0aa5eb9673a85aa1a363af56dd5a1818da4a756b84bf82e54c117966723

    SHA512

    c5ca5c7f8df44fbbce17fb5b20196d5d39d96820ce33a37e94be0703c102b6bc469e294e45bdedd7f4365ada1051d5ceca42f973fd0631415725d4b416cdccb5

    Download Submit