Overview

overview

7

Static

static

3

6f5a8b71d1...27.exe

windows7-x64

7

6f5a8b71d1...27.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    118s
  • max time network
    123s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    02-05-2024 23:11

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    6f5a8b71d1e034fec103af57b1267ec272151deaf10b025db2757269d0f84f27.exe

  • Size

    7.8MB

  • MD5

    9faeac5f8910a0ead228f3341decb236

  • SHA1

    3cfd95d0045ef2fbbf8615b0626392ae0c96386b

  • SHA256

    6f5a8b71d1e034fec103af57b1267ec272151deaf10b025db2757269d0f84f27

  • SHA512

    9c21556960000b7b962d2249207b6b7b9ea31c457c4e51f2f540b0e4e95c2ef6bc410a4efe254279c213423c98e4e3ef86b630a4eaed4b66558b53343994bdcd

  • SSDEEP

    98304:emhd1UryeLsbqY3O1Bo654ftvLV7wQqZUha5jtSyZIUb:elrpY+fZ5wtvL2QbaZtli

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 2 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\6f5a8b71d1e034fec103af57b1267ec272151deaf10b025db2757269d0f84f27.exe
    "C:\Users\Admin\AppData\Local\Temp\6f5a8b71d1e034fec103af57b1267ec272151deaf10b025db2757269d0f84f27.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of WriteProcessMemory
    PID:1284
    • C:\Users\Admin\AppData\Local\Temp\87B6.tmp
      "C:\Users\Admin\AppData\Local\Temp\87B6.tmp" --splashC:\Users\Admin\AppData\Local\Temp\6f5a8b71d1e034fec103af57b1267ec272151deaf10b025db2757269d0f84f27.exe 0850245D8FB0BBE4577274F4ED6D9CC876194D2DDE1E1D48BEC46A82204090ED6CDAC87115480E72D36F7D83715B035C71B362672BE4E6B5AF1FEF569A59A5DC
      2⤵
      • Deletes itself
      • Executes dropped EXE
      PID:2744

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\87B6.tmp
    Filesize

    7.8MB

    MD5

    24fadeeaf02f0b5f2f2230f860c8dcb6

    SHA1

    11b88a089c35a8779e0878cf73525a23b05ffcd3

    SHA256

    7c5f5b3ed15c53de5b74ab41115ced7ab4729747395bc8987126de0593012e65

    SHA512

    0f5fd14ede99a7daa2195696dad5ebd8c5345c7289c3c09d4bf9861d2ecf4eed0a62f29b7fd68f04c53b6f4e17befb71a7ccbbddb5665e8e5efbb86c7898b5c2

    Download Submit

  • memory/1284-0-0x0000000000400000-0x0000000000849000-memory.dmp

    Filesize

    4.3MB

    Download

  • memory/2744-9-0x0000000000400000-0x0000000000849000-memory.dmp

    Filesize

    4.3MB

    Download