Overview

overview

7

Static

static

3

fc7ebb238c...6b.exe

windows7-x64

7

fc7ebb238c...6b.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    119s
  • max time network
    123s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    10/04/2024, 00:28

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    fc7ebb238c545e25fd2ef3af7cb507e6f2ca0fba89951669346f7df53f288f6b.exe

  • Size

    194KB

  • MD5

    a55ecb85fe9d5e92672803278ba89625

  • SHA1

    8aea90ef1d0f99111398802e8a1e2bdfd0ddf0f6

  • SHA256

    fc7ebb238c545e25fd2ef3af7cb507e6f2ca0fba89951669346f7df53f288f6b

  • SHA512

    c01c7796169dfc10bd7302caddb91e109865b32481ec28143aece89af71c3c2e1b7fd670400482a7f7da5fcce50f77c0f7790baa849028f832e1ade8b0c5bfaf

  • SSDEEP

    3072:5S0scglOCcofiFlrquT0yNm0ozYSsa5bfzfB029sSJx/0vMLy3SyMhP8:5PecMyquo2ozYSsoP+29sSJSen

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 1 IoCs
  • Suspicious behavior: RenamesItself 1 IoCs
  • Suspicious use of UnmapMainImage 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\fc7ebb238c545e25fd2ef3af7cb507e6f2ca0fba89951669346f7df53f288f6b.exe
    "C:\Users\Admin\AppData\Local\Temp\fc7ebb238c545e25fd2ef3af7cb507e6f2ca0fba89951669346f7df53f288f6b.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious behavior: RenamesItself
    • Suspicious use of WriteProcessMemory
    PID:2224
    • C:\Users\Admin\AppData\Local\Temp\fc7ebb238c545e25fd2ef3af7cb507e6f2ca0fba89951669346f7df53f288f6b.exe
      C:\Users\Admin\AppData\Local\Temp\fc7ebb238c545e25fd2ef3af7cb507e6f2ca0fba89951669346f7df53f288f6b.exe
      2⤵
      • Deletes itself
      • Executes dropped EXE
      • Suspicious use of UnmapMainImage
      PID:2884

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • \Users\Admin\AppData\Local\Temp\fc7ebb238c545e25fd2ef3af7cb507e6f2ca0fba89951669346f7df53f288f6b.exe
    Filesize

    194KB

    MD5

    a651d1e6b598929127a082cd10ee2669

    SHA1

    3bcc5017df36ffd53a19954051f563bef5d26f90

    SHA256

    6991fe6cd01e3a3a5043fdf044f2b2befc0283d4c7494a74017a71d83c57fd09

    SHA512

    5d9d4eb8e7c45c3a418550848fe57b3a4c7fb2cfcf49b5c730354a6d9c4408d88e1277d12e77cd1e8c9ac437f55f122bb028c7032293a55e5d732828e1e53ea7

    Download Submit

  • memory/2224-0-0x0000000000400000-0x0000000000439000-memory.dmp

    Filesize

    228KB

    Download

  • memory/2224-8-0x0000000000400000-0x0000000000439000-memory.dmp

    Filesize

    228KB

    Download

  • memory/2884-10-0x0000000000400000-0x0000000000439000-memory.dmp

    Filesize

    228KB

    Download

  • memory/2884-11-0x0000000000400000-0x000000000041A000-memory.dmp

    Filesize

    104KB

    Download

  • memory/2884-13-0x0000000000210000-0x0000000000249000-memory.dmp

    Filesize

    228KB

    Download