Overview

overview

7

Static

static

3

5d8e3ae541...29.exe

windows7-x64

7

5d8e3ae541...29.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    150s
  • max time network
    150s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240426-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240426-enlocale:en-usos:windows10-2004-x64system
  • submitted
    14/05/2024, 22:07

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    5d8e3ae541e854a67e5db86326b0741a5a00b3f96ed50d1597649f0e83bc3f29.exe

  • Size

    74KB

  • MD5

    5eb1c8af3ee9dbe80483c3db5ed2e0ae

  • SHA1

    2d5e63fc040b4cb9b0d4212fe38f48babbbe7dc4

  • SHA256

    5d8e3ae541e854a67e5db86326b0741a5a00b3f96ed50d1597649f0e83bc3f29

  • SHA512

    28d49b9002d81d3e66abeb973ba6c95a7a74ddf82cc3e7eb293f233087f6d1de1ac2c39df907eadf8efebbe96a3a0e5da6c73d81281dc3b9d9230bed5847aae4

  • SSDEEP

    768:hZZ6Zyf9BuhThEUAvMgvvd9WhTOng8X6m2AYS1rg1YJZLIgwRdPxCdYLndQxzGpc:1v0evMm+tgg1XS181xbGgdjhh9ZoPcKX

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Drops file in System32 directory 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\5d8e3ae541e854a67e5db86326b0741a5a00b3f96ed50d1597649f0e83bc3f29.exe
    "C:\Users\Admin\AppData\Local\Temp\5d8e3ae541e854a67e5db86326b0741a5a00b3f96ed50d1597649f0e83bc3f29.exe"
    1⤵
    • Drops file in System32 directory
    PID:2892
    • C:\Windows\SysWOW64\utdexor.exe
      "C:\Windows\SysWOW64\utdexor.exe"
      2⤵
      • Executes dropped EXE
      PID:5012

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Windows\SysWOW64\utdexor.exe
    Filesize

    70KB

    MD5

    09e180bad535f2fcfde6fa7979a728e5

    SHA1

    02f588b26aeec0e3beff7949a3ea2e253412e6a1

    SHA256

    0a9a9fbc78f1a42359df37c8cf5448c47f9d891cbadfa0a37b21e5a3118efc19

    SHA512

    1a704b01873f8e750f98b0905a7783164f2ccc5205ad0539f4031870b29f9f47446a6d7156b5741a9de4acfc6c443a362995e150154a6e8205d1eb024a9afa6e

    Download Submit

  • memory/2892-2-0x0000000077832000-0x0000000077833000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2892-4-0x0000000000400000-0x0000000000403000-memory.dmp

    Filesize

    12KB

    Download