Overview

overview

7

Static

static

3

bd2e07f92e...37.exe

windows7-x64

7

bd2e07f92e...37.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    132s
  • max time network
    151s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240508-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
  • submitted
    23-05-2024 02:29

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    bd2e07f92e5f26433bcbb2f384481bd19315d4c0c15b77769316f49870b52737.exe

  • Size

    4.4MB

  • MD5

    c0269430f74b5c0911808d7b7c8c1302

  • SHA1

    e264faab01679f0d79dbd627add26ef46cc66ee3

  • SHA256

    bd2e07f92e5f26433bcbb2f384481bd19315d4c0c15b77769316f49870b52737

  • SHA512

    8362e862f7bd817839eae6a9b4eec231f6c6a9ad6ee38d3b7f5bfec1171e5bf0bbe803f7d6128bf83b7502aa766bc37abecd3721d81f4afeb4f5880b0e9843a6

  • SSDEEP

    98304:emhd1UryeO5TDPODM6/2+3uTDV7wQqZUha5jtSn:elutr2H2+3un2QbaZte

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\bd2e07f92e5f26433bcbb2f384481bd19315d4c0c15b77769316f49870b52737.exe
    "C:\Users\Admin\AppData\Local\Temp\bd2e07f92e5f26433bcbb2f384481bd19315d4c0c15b77769316f49870b52737.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:4764
    • C:\Users\Admin\AppData\Local\Temp\41BC.tmp
      "C:\Users\Admin\AppData\Local\Temp\41BC.tmp" --splashC:\Users\Admin\AppData\Local\Temp\bd2e07f92e5f26433bcbb2f384481bd19315d4c0c15b77769316f49870b52737.exe 6BDDDFE605DC3CE5A703C065EBBAE61DAFCE44D449713013ED5BF267813A92979B4977948723FFF3AA1F388F008B725DC512BFA9A418547D8F1CB12C2BDD97D0
      2⤵
      • Deletes itself
      • Executes dropped EXE
      PID:636

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\41BC.tmp
    Filesize

    4.4MB

    MD5

    9cd2fc8a809fbe5842fcad64abf2117a

    SHA1

    81e5456d31b6831d840d9372660eccb32aa6fa80

    SHA256

    0781d6c5ae01af61e26774e156cad28f25bb8a2633a94367340404dc6d4e64c3

    SHA512

    7b793eb1df9b581b77d61ecff5b2bcd41005ed20d285b0998c1d1eb863411514258426c9e5db432cdc5530f45d53389c749dc065b4530e28ddd56a83ee882bee

    Download Submit
  • memory/636-5-0x0000000000400000-0x0000000000849000-memory.dmp
    Filesize

    4.3MB

    Download
  • memory/4764-0-0x0000000000400000-0x0000000000849000-memory.dmp
    Filesize

    4.3MB

    Download