Overview

overview

7

Static

static

3

145b389b94...8a.exe

windows7-x64

7

145b389b94...8a.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    122s
  • max time network
    123s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags

    arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system
  • submitted
    13/05/2024, 18:52 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    145b389b947821948eb1cc5c3f5b54944f8f810a665e451a0a4e8f2eeb95518a.exe

  • Size

    4.2MB

  • MD5

    29a6c9b3a26443f7a7d12457f0ffef7d

  • SHA1

    6b53187be7410a591aa090ecee0afddd96e1c52f

  • SHA256

    145b389b947821948eb1cc5c3f5b54944f8f810a665e451a0a4e8f2eeb95518a

  • SHA512

    5c923b748d7a001b038e8ecfdfaa4a9a6eb804137b120bc7ffe0bc22d49c662713c4a06a9dc9e342f8f0024012711c5a1a1f91487bc32be8a60e859caca9f6d0

  • SSDEEP

    98304:Cmhd1UryeaAR7i3yVLUjH5oxFbxhVLUjH5oxFbx:Cl6sVUjZEdhVUjZEd

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 2 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\145b389b947821948eb1cc5c3f5b54944f8f810a665e451a0a4e8f2eeb95518a.exe
    "C:\Users\Admin\AppData\Local\Temp\145b389b947821948eb1cc5c3f5b54944f8f810a665e451a0a4e8f2eeb95518a.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of WriteProcessMemory
    PID:2056
    • C:\Users\Admin\AppData\Local\Temp\22BD.tmp
      "C:\Users\Admin\AppData\Local\Temp\22BD.tmp" --splashC:\Users\Admin\AppData\Local\Temp\145b389b947821948eb1cc5c3f5b54944f8f810a665e451a0a4e8f2eeb95518a.exe A77D828B4FA2E76A580FD72EBB856F3358593141BD664E9CFE5E67072912FDA7AA60E1D2C008775872CF461C79E63EBDA473AB7101F4BDE759C3FAC5296ED92B
      2⤵
      • Deletes itself
      • Executes dropped EXE
      PID:620

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • \Users\Admin\AppData\Local\Temp\22BD.tmp
    Filesize

    4.2MB

    MD5

    9c07e8df0bc109e62ec5ceef1354f363

    SHA1

    fec476d903fe57322c38b117993b67fbe9009813

    SHA256

    e9ad2e729903483ba1524fc4e8ab3db0c52925884ccae36e1f2104a5a8969fe5

    SHA512

    6e8f013468d0d5c7d119013e59c3d88624cd0f6ed9fe221de2420bc729f12972a8a59d64415a9a7f4a8c74965772d2583bca7101449b5499b031789e5dbe099d

    Download Submit

  • memory/620-9-0x0000000000400000-0x0000000000849000-memory.dmp

    Filesize

    4.3MB

    Download

  • memory/2056-0-0x0000000000400000-0x0000000000849000-memory.dmp

    Filesize

    4.3MB

    Download

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.