Overview

overview

7

Static

static

3

a86574f1e6...83.exe

windows7-x64

7

a86574f1e6...83.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    122s
  • max time network
    128s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags

    arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system
  • submitted
    23-05-2024 01:32

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    a86574f1e606a65881b961f8dd61fab03038e9ce0a36098d25a1a75ee171a183.exe

  • Size

    453KB

  • MD5

    0ab406aa58cbb45f06e13277bc30ab6c

  • SHA1

    5425c03b0f23631080b9756e4c03dfb5336e07ae

  • SHA256

    a86574f1e606a65881b961f8dd61fab03038e9ce0a36098d25a1a75ee171a183

  • SHA512

    3a471fb9634f3d5da1f88017b712d56f9f135c726ffea3c3391de48a63de94559a832ea734d7307d819c166a9082b776487da5274aa97a88e773ae38faa978e2

  • SSDEEP

    6144:vrKJcWk68+hobG1gsZ20W7cyqCxSngmMBqfycuPbUl0i5cD5J6b8pS0wULW:vrWk68+S6ygk0npM4dl0v5JHpS0wULW

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 1 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious behavior: RenamesItself 1 IoCs
  • Suspicious use of UnmapMainImage 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\a86574f1e606a65881b961f8dd61fab03038e9ce0a36098d25a1a75ee171a183.exe
    "C:\Users\Admin\AppData\Local\Temp\a86574f1e606a65881b961f8dd61fab03038e9ce0a36098d25a1a75ee171a183.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious behavior: RenamesItself
    • Suspicious use of WriteProcessMemory
    PID:1972
    • C:\Users\Admin\AppData\Local\Temp\a86574f1e606a65881b961f8dd61fab03038e9ce0a36098d25a1a75ee171a183.exe
      C:\Users\Admin\AppData\Local\Temp\a86574f1e606a65881b961f8dd61fab03038e9ce0a36098d25a1a75ee171a183.exe
      2⤵
      • Deletes itself
      • Executes dropped EXE
      • Suspicious behavior: GetForegroundWindowSpam
      • Suspicious use of UnmapMainImage
      PID:2384

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • \Users\Admin\AppData\Local\Temp\a86574f1e606a65881b961f8dd61fab03038e9ce0a36098d25a1a75ee171a183.exe
    Filesize

    453KB

    MD5

    7a065145f3893dda73b4f38092e01629

    SHA1

    829ec0ab48e1f3075528aa8f4c92e43f49017af3

    SHA256

    3623ca0e63a402e513ad8d0042c50bc5d6feba4880da3eb48b02e2c527d12f5e

    SHA512

    814973fb3ab0b8d4b6f753d9fbbcea1723b0f4f7fa703d3228bb67edacb910c866d0230fd040eafe7b5585d37946bb0377bab2a331de02289570f7bf34eaa095

    Download Submit

  • memory/1972-0-0x0000000000400000-0x000000000043E000-memory.dmp

    Filesize

    248KB

    Download

  • memory/1972-9-0x0000000000400000-0x000000000043E000-memory.dmp

    Filesize

    248KB

    Download

  • memory/1972-6-0x00000000002A0000-0x00000000002DE000-memory.dmp

    Filesize

    248KB

    Download

  • memory/2384-11-0x0000000000400000-0x000000000043E000-memory.dmp

    Filesize

    248KB

    Download

  • memory/2384-13-0x0000000000400000-0x0000000000415000-memory.dmp

    Filesize

    84KB

    Download

  • memory/2384-12-0x0000000000190000-0x00000000001CE000-memory.dmp

    Filesize

    248KB

    Download