Overview

overview

7

Static

static

3

762d226a66...da.exe

windows7-x64

7

762d226a66...da.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    150s
  • max time network
    119s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags

    arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system
  • submitted
    22-05-2024 23:16

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    762d226a66cd228ba3c7991c20dc604face60fe41d776da8fc39a964417874da.exe

  • Size

    4.1MB

  • MD5

    cc8735f627d445498e226718a9f8c452

  • SHA1

    1989922ad03ce41fd620ca8037a8ed4c288d31b3

  • SHA256

    762d226a66cd228ba3c7991c20dc604face60fe41d776da8fc39a964417874da

  • SHA512

    74891582f528113479e5903c1b174ca62919454df0799f039bfd334cdf799a3732263f9d85cfc8c5616f836d2fc9303a77891f413c64876d1efbdbf10bfc7748

  • SSDEEP

    98304:+R0pI/IQlUoMPdmpSpC4ADtnkgvNWlw6aTfN41v:+R0pIAQhMPdmF5n9klRKN41v

Score
7/10
persistence

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 1 IoCs
  • Adds Run key to start application 2 TTPs 2 IoCs
    persistence
  • Suspicious behavior: EnumeratesProcesses 64 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\762d226a66cd228ba3c7991c20dc604face60fe41d776da8fc39a964417874da.exe
    "C:\Users\Admin\AppData\Local\Temp\762d226a66cd228ba3c7991c20dc604face60fe41d776da8fc39a964417874da.exe"
    1⤵
    • Loads dropped DLL
    • Adds Run key to start application
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of WriteProcessMemory
    PID:2580
    • C:\UserDot3N\adobec.exe
      C:\UserDot3N\adobec.exe
      2⤵
      • Executes dropped EXE
      • Suspicious behavior: EnumeratesProcesses
      PID:2204

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\KaVBM3\boddevloc.exe
    Filesize

    4.1MB

    MD5

    56ed9a8098b505b46a30bd59ed567576

    SHA1

    90eb1d16260a71ab1c11deb716c841c7dbd94a24

    SHA256

    c9e0170b72e0045a0c94295aa4830c2b5d25e25b47dbbcb78eb58bc88328f415

    SHA512

    59c3d08fc681756a76227fdcdab1d13e28fbe9f691296b0b7ae7071965d0c607e30f3651e9aed205b28a095110a35f0350a50d50e5bd18f419cd2270d312f507

    Download Submit

  • C:\Users\Admin\253086396416_6.1_Admin.ini
    Filesize

    205B

    MD5

    67ce51f79c1d9526e94a7e05cd76ee5e

    SHA1

    214d2f08e7b19ccf3222bf10ef734c0df75683fd

    SHA256

    3b4419f0a276ea76d5e8f94dda514e460e442096a1a3a7a0d091390af3c29cce

    SHA512

    6e6c08437fdd32b9e30dd95ff19b546fc2f18d4c1cb0337ac94ef6413824c7023721c583c79ca1728c5176d595c8fe7c8fcbd97d45b523c3e1919b2ab4e592c1

    Download Submit

  • \UserDot3N\adobec.exe
    Filesize

    4.1MB

    MD5

    b3990fa3ba759e6ade94a7c319b1956c

    SHA1

    5d61ff7d710c99cd9277b82cd8e6d8bd06a7bfc7

    SHA256

    4fe0a97045cee4279cb5647fac89a04297a37ce82b85f6161dcb8385f85583bd

    SHA512

    9e0a15449bc31e726697279a671a86bb0da7f36b00e75b59ff0ebfdb5e5406afabcdb55e329a7ba0610b85ebb7de51260ded3b9fbee81e369d8ac27dfd828a43

    Download Submit