Overview

overview

6

Static

static

3

2600366898...f2.exe

windows7-x64

6

2600366898...f2.exe

windows10-2004-x64

6

Analysis

  • max time kernel
    120s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    04-04-2024 19:19

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    26003668989f33dbedd2ca68595fb7d9908efeb93054096d0402f4ceee2677f2.exe

  • Size

    292KB

  • MD5

    0f455b470891006dc8921d5474a5abe7

  • SHA1

    d2ad40a773b9b20141d8ee22d6b3c77372713b35

  • SHA256

    26003668989f33dbedd2ca68595fb7d9908efeb93054096d0402f4ceee2677f2

  • SHA512

    0a49448f0587bea9e9eef4aac49b8ac78bd1a41f5599c02580d6f6b941ec079b7510c7e4b01de657f00cc50058361c7f28dd59aafbc98d55169c182552b0d680

  • SSDEEP

    768:jZKM11gG4ChfiPO0rfz0shcUypMC5/VKhZyg3iepFV2DIQqSsFY2s/qsy/EI0IQR:gMDgG4ChfiPOefgsOUqQwg

Score
6/10
persistence

Malware Config

Signatures

  • Adds Run key to start application 2 TTPs 4 IoCs
    persistence
  • Drops file in Windows directory 14 IoCs
  • Program crash 1 IoCs
  • Modifies registry class 3 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\26003668989f33dbedd2ca68595fb7d9908efeb93054096d0402f4ceee2677f2.exe
    "C:\Users\Admin\AppData\Local\Temp\26003668989f33dbedd2ca68595fb7d9908efeb93054096d0402f4ceee2677f2.exe"
    1⤵
    • Adds Run key to start application
    • Drops file in Windows directory
    • Modifies registry class
    • Suspicious use of WriteProcessMemory
    PID:2332
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -u -p 2332 -s 92
      2⤵
      • Program crash
      PID:2604

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Windows\system\Sysexp32.exe
    Filesize

    304KB

    MD5

    3768e5235f343b2f060486820449c214

    SHA1

    ed49fefb4905a05e1a76f55cba4fb02511a0500e

    SHA256

    57cc983b79418158a5653a44b95c2fbc31a180f1c7e9724189e67fadf3534a23

    SHA512

    619f03e4b02c64d319e23271854b2887d493cd0142f7fc867fc113d0a09529607929ab6c4c2091727fe3cd03200745bc2563629e563fe4c998987efc013429df

    Download Submit