Overview

overview

7

Static

static

3

80a6ce9239...0f.exe

windows7-x64

7

80a6ce9239...0f.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    120s
  • max time network
    121s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    22-05-2024 23:41

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    80a6ce9239154605dc25c0accf35a311f08e1d5d20404ae64abe54995d46de0f.exe

  • Size

    7.8MB

  • MD5

    f38651573d5bd7795ed082e618b12b4a

  • SHA1

    86629d876002950ec0a6e615b07b4340cdc9f4df

  • SHA256

    80a6ce9239154605dc25c0accf35a311f08e1d5d20404ae64abe54995d46de0f

  • SHA512

    797dfba42bb8acab9fe01551ab5ddae962f50e3993b01e7e242c93447e22ede71964814851950b47c934d4bca76a997804f1d24bbc2d7e91266f63c4fb6645eb

  • SSDEEP

    98304:emhd1Uryeu0vr8Sv7zfJgV7wQqZUha5jtSyZIUb:elO6gSJg2QbaZtli

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 2 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\80a6ce9239154605dc25c0accf35a311f08e1d5d20404ae64abe54995d46de0f.exe
    "C:\Users\Admin\AppData\Local\Temp\80a6ce9239154605dc25c0accf35a311f08e1d5d20404ae64abe54995d46de0f.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of WriteProcessMemory
    PID:2492
    • C:\Users\Admin\AppData\Local\Temp\2156.tmp
      "C:\Users\Admin\AppData\Local\Temp\2156.tmp" --splashC:\Users\Admin\AppData\Local\Temp\80a6ce9239154605dc25c0accf35a311f08e1d5d20404ae64abe54995d46de0f.exe 5AD1695046F09885F65A7DAAD539B454E4BE0528F9629ADFC9BE17FDC54B1A17B02561975D3E9A2E3D68F401ACF8C7C2554CA4A4471931C598BFBCF276CDEE58
      2⤵
      • Deletes itself
      • Executes dropped EXE
      PID:2592

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • \Users\Admin\AppData\Local\Temp\2156.tmp
    Filesize

    7.8MB

    MD5

    085b3b67fc49bc640d59742debe07149

    SHA1

    ebc185ed814b8d69c4b7b2d47e1f079b22d3166c

    SHA256

    092c0325dbd548a7eb618a4c4a9ccd2165e9fca0cbbd40ff6e7f5b282f8ce10b

    SHA512

    502bacdafcfa16a0439acac94d377d879f4426ada4d5f2867f05f51b28aa1a02d235433339b187c35870a88412c0cac815a6f68e44853a053fd1ffec7863f3ed

    Download Submit
  • memory/2492-0-0x0000000000400000-0x0000000000849000-memory.dmp
    Filesize

    4.3MB

    Download
  • memory/2592-9-0x0000000000400000-0x0000000000849000-memory.dmp
    Filesize

    4.3MB

    Download