Analysis

  • max time kernel
    122s
  • max time network
    123s
  • platform
    windows7_x64
  • resource
    win7-20240220-en
  • resource tags

    arch:x64 arch:x86 image:win7-20240220-en locale:en-us os:windows7-x64 system
  • submitted
    09-04-2024 20:42

General

  • Target

    f8c98ec774e028ee58028e00232a2c71.exe

  • Size

    1024KB

  • MD5

    f8c98ec774e028ee58028e00232a2c71

  • SHA1

    97cac0118bc98721d3139e4565bf311adadf7780

  • SHA256

    78ed8d76e6abf51cc5744b16ea45a93ee8234321365d348774ddf4779a78b012

  • SHA512

    d27609f924b74f75f4d9a29fcf0946e614369319bba36499aa40ab629e2a85248995d728a9632a27f667d3c320844f3a1ff32cd6c39d63645f3eefaba0570e1f

  • SSDEEP

    24576:YaOsIRfTHLG2uj7ev2qEgLZmN1VUZmw3KNFosgTtKsHPsY2f1:YaOssPMSO0ZmXiZmw3KNFosgT3HPsYM1

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\f8c98ec774e028ee58028e00232a2c71.exe
    "C:\Users\Admin\AppData\Local\Temp\f8c98ec774e028ee58028e00232a2c71.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of WriteProcessMemory
    PID:2072
    • C:\Users\Admin\AppData\Local\Temp\16CB.tmp
      "C:\Users\Admin\AppData\Local\Temp\16CB.tmp"
      2⤵
      • Deletes itself
      • Executes dropped EXE
      PID:3060

Network

MITRE ATT&CK Matrix

Downloads

  • \Users\Admin\AppData\Local\Temp\16CB.tmp

    Filesize

    1024KB

    MD5

    08518f22199216c044c360726b54e6a4

    SHA1

    06203c88e3896352ca5bda9cf5dfc87c597ef578

    SHA256

    55ce7b2584d88a1897489eedc8daf693ee392f82b29891c0b9c16597b85b0076

    SHA512

    46ecc865ae3cedb6ab656ea2f73cbee46b0f6c54562e72f6ea8d38b918cb0b4d93abaa5a57ca60a39133a7c6a0990e27b164eb4119e47c82f91033b64470aed6