Analysis

  • max time kernel
    135s
  • max time network
    123s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240419-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20240419-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    02/05/2024, 19:56

General

  • Target

    2a64393513a054cdcf465d5d0048fc5705fa860166f1038ae7d9c3f96d7d0b80.exe

  • Size

    71KB

  • MD5

    c4e7020a769a2db1ffabce7a492d782f

  • SHA1

    a1096d674f93f1416fb6102e6391ba8788fc0781

  • SHA256

    2a64393513a054cdcf465d5d0048fc5705fa860166f1038ae7d9c3f96d7d0b80

  • SHA512

    e6cac2e1bbfb5fdca1587d27ee3accc57eba8333ca07e432327a10c10e55baeb536090c5fd9efcfdc33674aa5c0d402d097eb5d608ead7aaa7d6f11d0f0eb415

  • SSDEEP

    1536:1wrcZa4V5fH01ZJdlUOIV3js6/XyMgjm6Ul0sYnLwDvB:y6RRH0IVweitm7lXYnEDvB

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE (1 IoC)
  • Drops file in System32 directory (2 IoCs)

Processes

  • C:\Users\Admin\AppData\Local\Temp\2a64393513a054cdcf465d5d0048fc5705fa860166f1038ae7d9c3f96d7d0b80.exe
    "C:\Users\Admin\AppData\Local\Temp\2a64393513a054cdcf465d5d0048fc5705fa860166f1038ae7d9c3f96d7d0b80.exe"
    1⤵
    • Drops file in System32 directory
    PID:4660
    • C:\Windows\SysWOW64\ubbahog-oxom.exe
      "C:\Windows\SysWOW64\ubbahog-oxom.exe"
      2⤵
      • Executes dropped EXE
      PID:5044

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Windows\SysWOW64\ubbahog-oxom.exe

    Filesize

    68KB

    MD5

    5af0e14627ff85386ff9636cad37e61c

    SHA1

    16a613c9a6129b788a26219082f656c2f4f676f9

    SHA256

    4578c8fb5d065f63be3f497b70a5076dd67e4abd085e25bdf35fe91050e49c45

    SHA512

    9a31e61d1eaec267ee2e2448b5d1d62102eb0e6e7ba39afd16a6fc15499788f07b7ccef82dab980abda91e6eeb7227ad48209ecd26319dd6899108f2162b7eab

  • memory/4660-2-0x0000000077252000-0x0000000077253000-memory.dmp

    Filesize

    4KB

  • memory/4660-4-0x0000000000400000-0x0000000000403000-memory.dmp

    Filesize

    12KB