Overview

overview

7

Static

static

3

a0eaa5cc16...2c.exe

windows7-x64

7

a0eaa5cc16...2c.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    149s
  • max time network
    151s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240508-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
  • submitted
    23-05-2024 01:10

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    a0eaa5cc16d2fecc797e0b15791e84116006195198f7e8867405715a8c1c932c.exe

  • Size

    5.4MB

  • MD5

    bce4e3991fb5801d380a4ddd003956e2

  • SHA1

    5e936e486a6b80ee37491734ed67d84cd23e7334

  • SHA256

    a0eaa5cc16d2fecc797e0b15791e84116006195198f7e8867405715a8c1c932c

  • SHA512

    f155f9a7ac8c2bb87fd5f81234f335d8cee32019077424f54280e1ae01d85218b16f002b605de88dc4793d4cc42f8b7c9d0607df197584147de97fd43b7d674f

  • SSDEEP

    98304:emhd1UryeDOtmR4f7ixp2IYV7wQqZUha5jtSyZIUh:el/OfGxfY2QbaZtliU

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\a0eaa5cc16d2fecc797e0b15791e84116006195198f7e8867405715a8c1c932c.exe
    "C:\Users\Admin\AppData\Local\Temp\a0eaa5cc16d2fecc797e0b15791e84116006195198f7e8867405715a8c1c932c.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2508
    • C:\Users\Admin\AppData\Local\Temp\46FC.tmp
      "C:\Users\Admin\AppData\Local\Temp\46FC.tmp" --splashC:\Users\Admin\AppData\Local\Temp\a0eaa5cc16d2fecc797e0b15791e84116006195198f7e8867405715a8c1c932c.exe D67C385BD648407A3F9EF24D48E2DDDF87AAD70ED79FA913E7667AFD4B320FB5B7C1EECAD8A850B390E86E74E017971AB71A88A7635B12E74516C189D4A68A8F
      2⤵
      • Deletes itself
      • Executes dropped EXE
      PID:640

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\46FC.tmp
    Filesize

    5.4MB

    MD5

    d515c5a8753b770abe253ed0e537ca74

    SHA1

    9b6f53f84a06e4287ea1cc0af30f138780132043

    SHA256

    5090a4941f14576135d4c4f22364672dcdfb061e93027fffe65363696f38b926

    SHA512

    dc08edba65bb98dfc30488ca256c59812fce68db2f981b321bcced9b856ef3c3bc98ebac11cf71d8f9d64eeef809f7caffd9a77ce2591072be99cfb41f0a64d5

    Download Submit

  • memory/640-5-0x0000000000400000-0x0000000000849000-memory.dmp

    Filesize

    4.3MB

    Download

  • memory/2508-0-0x0000000000400000-0x0000000000849000-memory.dmp

    Filesize

    4.3MB

    Download