Overview

overview

7

Static

static

3

ba2b372ecf...50.exe

windows7-x64

7

ba2b372ecf...50.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    118s
  • max time network
    119s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    23-05-2024 02:21

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    ba2b372ecfd8c59f6d5c8d640c9709131b7c6669f6f69cfb847ba4d6b432ad50.exe

  • Size

    416KB

  • MD5

    b0923dddb85b09333f969a8536e684c2

  • SHA1

    82c0d75cfb413226c1a0a5c2d9e38ed4723e8f39

  • SHA256

    ba2b372ecfd8c59f6d5c8d640c9709131b7c6669f6f69cfb847ba4d6b432ad50

  • SHA512

    06d58fea53a8dd9c513212d681fb074afbc99f73f83a4481720bf097fa14fd73923374cbac2937bf55af9567f87f381e4cc28e39176668790615e16bb2d3e026

  • SSDEEP

    6144:1jKUkZNboWLtbUBfTi96tYa1UWdDJboY4sJ9pALL7j1aFwoF:1jKUkLbfUB7oNa1U6D9d9pAi

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 1 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious behavior: RenamesItself 1 IoCs
  • Suspicious use of UnmapMainImage 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\ba2b372ecfd8c59f6d5c8d640c9709131b7c6669f6f69cfb847ba4d6b432ad50.exe
    "C:\Users\Admin\AppData\Local\Temp\ba2b372ecfd8c59f6d5c8d640c9709131b7c6669f6f69cfb847ba4d6b432ad50.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious behavior: RenamesItself
    • Suspicious use of WriteProcessMemory
    PID:2884
    • C:\Users\Admin\AppData\Local\Temp\ba2b372ecfd8c59f6d5c8d640c9709131b7c6669f6f69cfb847ba4d6b432ad50.exe
      C:\Users\Admin\AppData\Local\Temp\ba2b372ecfd8c59f6d5c8d640c9709131b7c6669f6f69cfb847ba4d6b432ad50.exe
      2⤵
      • Deletes itself
      • Executes dropped EXE
      • Suspicious behavior: GetForegroundWindowSpam
      • Suspicious use of UnmapMainImage
      PID:2848

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • \Users\Admin\AppData\Local\Temp\ba2b372ecfd8c59f6d5c8d640c9709131b7c6669f6f69cfb847ba4d6b432ad50.exe
    Filesize

    416KB

    MD5

    90b61118a769d72a6d2e00ed3b9c94ed

    SHA1

    8778aa744cd2cb453cf8c0f2c72ae139a1969103

    SHA256

    6ede88a466a73ce9514bb1b53d6bf06104d98fda53cddfed799971e8424ef134

    SHA512

    2798895169dae618b06a7d9c0cc5e3c6c5f99bd22c6523d7a8267e21403493e6d6dcfeda77f77b205d082939f591e17632c20efd09258925ee27ab25ccce565b

    Download Submit
  • memory/2848-10-0x0000000000400000-0x0000000000436000-memory.dmp
    Filesize

    216KB

    Download
  • memory/2848-11-0x0000000000400000-0x0000000000415000-memory.dmp
    Filesize

    84KB

    Download
  • memory/2848-16-0x0000000000180000-0x00000000001B6000-memory.dmp
    Filesize

    216KB

    Download
  • memory/2884-0-0x0000000000400000-0x0000000000436000-memory.dmp
    Filesize

    216KB

    Download
  • memory/2884-9-0x0000000000400000-0x0000000000436000-memory.dmp
    Filesize

    216KB

    Download