Overview

overview

7

Static

static

3

25c2122193...96.exe

windows7-x64

7

25c2122193...96.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    118s
  • max time network
    118s
  • platform
    windows7_x64
  • resource
    win7-20240220-en
  • resource tags

    arch:x64arch:x86image:win7-20240220-enlocale:en-usos:windows7-x64system
  • submitted
    04/05/2024, 21:30

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    25c21221931f23fa6d3e701b01e771db75451a8b2f11f5376d72d5ee5c25e396.exe

  • Size

    5.4MB

  • MD5

    412aca1f8a9d5b2134672c7066ab83ba

  • SHA1

    455db12b2aad0556c24154e106dc0cc10a2866ef

  • SHA256

    25c21221931f23fa6d3e701b01e771db75451a8b2f11f5376d72d5ee5c25e396

  • SHA512

    01a3452799a9d25af8e7917e9d7e7d20523c514d5eba685329bc9007edda06bab2c48ed9568a9ae25f7e46987168d5ece3dec843f44a92c4f8f5321a3e2a91cd

  • SSDEEP

    98304:emhd1UryeqwQyLk7Y7OJTScMe8V7wQqZUha5jtSyZIUh:el9QyorF82QbaZtliU

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 2 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\25c21221931f23fa6d3e701b01e771db75451a8b2f11f5376d72d5ee5c25e396.exe
    "C:\Users\Admin\AppData\Local\Temp\25c21221931f23fa6d3e701b01e771db75451a8b2f11f5376d72d5ee5c25e396.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of WriteProcessMemory
    PID:2100
    • C:\Users\Admin\AppData\Local\Temp\915.tmp
      "C:\Users\Admin\AppData\Local\Temp\915.tmp" --splashC:\Users\Admin\AppData\Local\Temp\25c21221931f23fa6d3e701b01e771db75451a8b2f11f5376d72d5ee5c25e396.exe D8E86BB7F69E1E68794A09F7123AF6EE1C7937B851C56B85E6ED0492779731C559EF586CBF59E407CB34D6255C224C63B270061ADC7FFD33A0720E13F4EB7177
      2⤵
      • Deletes itself
      • Executes dropped EXE
      PID:2936

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • \Users\Admin\AppData\Local\Temp\915.tmp
    Filesize

    5.4MB

    MD5

    11a778de99e0b543fa30c204e9ac53a5

    SHA1

    9b322fe1d287e2c2038d6c42bcd0df2a2f13fe27

    SHA256

    976f73c7e818e144810064397e591166958481b07595fec0a3fe8c5c1a5eaf7f

    SHA512

    4d82ec179e506a71c4058c8c8655c32c1f17bebe7b540118324d9511967700c99ffe0dd62b1747e8d23f15f7598890445a654cb4c5d89bf85d2e9074f6a9aa10

    Download Submit

  • memory/2100-0-0x0000000000400000-0x0000000000849000-memory.dmp

    Filesize

    4.3MB

    Download

  • memory/2936-9-0x0000000000400000-0x0000000000849000-memory.dmp

    Filesize

    4.3MB

    Download