Overview

overview

7

Static

static

3

3aad7b73f6...89.exe

windows7-x64

7

3aad7b73f6...89.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    117s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    22-05-2024 20:38

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    3aad7b73f6dc761f7ebb5e56e70503ca0d1f682df9ffe085d75f4feb3e40e889.exe

  • Size

    720KB

  • MD5

    fc0b6d3bf31be46f7d8211c234ec2672

  • SHA1

    be84abaaea55263dd90d923c26d235eec475a336

  • SHA256

    3aad7b73f6dc761f7ebb5e56e70503ca0d1f682df9ffe085d75f4feb3e40e889

  • SHA512

    858a07223d71dcda427c3dacfc86ded49c80fb976d6899caa9c4f2740cbc2f74143e4e884a6aa8ed505f507d21b905b2c776ca495333b1e4148619e858fc08b8

  • SSDEEP

    12288:QhJbM4euy6D9d9pA6etej3uC+IOJ5D9d9pAn:8LygZKnJp4

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 1 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious behavior: RenamesItself 1 IoCs
  • Suspicious use of UnmapMainImage 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\3aad7b73f6dc761f7ebb5e56e70503ca0d1f682df9ffe085d75f4feb3e40e889.exe
    "C:\Users\Admin\AppData\Local\Temp\3aad7b73f6dc761f7ebb5e56e70503ca0d1f682df9ffe085d75f4feb3e40e889.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious behavior: RenamesItself
    • Suspicious use of WriteProcessMemory
    PID:3024
    • C:\Users\Admin\AppData\Local\Temp\3aad7b73f6dc761f7ebb5e56e70503ca0d1f682df9ffe085d75f4feb3e40e889.exe
      C:\Users\Admin\AppData\Local\Temp\3aad7b73f6dc761f7ebb5e56e70503ca0d1f682df9ffe085d75f4feb3e40e889.exe
      2⤵
      • Deletes itself
      • Executes dropped EXE
      • Suspicious behavior: GetForegroundWindowSpam
      • Suspicious use of UnmapMainImage
      PID:1984

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • \Users\Admin\AppData\Local\Temp\3aad7b73f6dc761f7ebb5e56e70503ca0d1f682df9ffe085d75f4feb3e40e889.exe
    Filesize

    720KB

    MD5

    2f84df78cf141e3efcd46524186ded40

    SHA1

    c4a0b1a3ea6b07ec095c46abd65ac1a03acc43a9

    SHA256

    08f9a80e9399f63e4b0b2a33187f6b09e5088b03c19923567157169342356da2

    SHA512

    928b42b592a20063609268179c81ecadb0aa2a135b5154a7b96b167c042f1378267595d7c3fd9b503f97330dfdddb5693cb7c4b6c1bc4e36bbf7b34b2a0d8810

    Download Submit

  • memory/1984-11-0x0000000000400000-0x0000000000436000-memory.dmp

    Filesize

    216KB

    Download

  • memory/1984-17-0x0000000000260000-0x0000000000296000-memory.dmp

    Filesize

    216KB

    Download

  • memory/1984-12-0x0000000000400000-0x0000000000415000-memory.dmp

    Filesize

    84KB

    Download

  • memory/3024-0-0x0000000000400000-0x0000000000436000-memory.dmp

    Filesize

    216KB

    Download

  • memory/3024-5-0x0000000000130000-0x0000000000166000-memory.dmp

    Filesize

    216KB

    Download

  • memory/3024-10-0x0000000000400000-0x0000000000436000-memory.dmp

    Filesize

    216KB

    Download