Overview

overview

4

Static

static

1

cryptoobfuscator.exe

windows7-x64

4

cryptoobfuscator.exe

windows10-2004-x64

4

Resubmissions

23-05-2024 07:46

240523-jly78ahh7w 4

Analysis

  • max time kernel
    291s
  • max time network
    274s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240508-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
  • submitted
    23-05-2024 07:46

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    cryptoobfuscator.exe

  • Size

    14.1MB

  • MD5

    14d095fc60a3469677b59c588374eddb

  • SHA1

    045f8a912bd5d6744f469f9405a12723516f5894

  • SHA256

    9e27b065efe024ac85551f48a40426304adefac5d89dfe09e4b8dbfc4ed0817a

  • SHA512

    9c7eada81926b913028650c798b7c76e6bd78d82d41ce097782cb4841e152c34736780c2f7bc9ce92ab2008aa8b202fe60b243e3207bbdecb52a358841de6dc8

  • SSDEEP

    393216:Ogwye71sbkygUbKLsEYx/xNOZLG8nCMP4QaCixd2b3f6Y:OgWvBUbwsDZWdvCcnT6Y

Score
4/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\cryptoobfuscator.exe
    "C:\Users\Admin\AppData\Local\Temp\cryptoobfuscator.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:4440
    • C:\Users\Admin\AppData\Local\Temp\is-GTL1K.tmp\cryptoobfuscator.tmp
      "C:\Users\Admin\AppData\Local\Temp\is-GTL1K.tmp\cryptoobfuscator.tmp" /SL5="$501C6,14493226,57856,C:\Users\Admin\AppData\Local\Temp\cryptoobfuscator.exe"
      2⤵
      • Executes dropped EXE
      PID:220

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\is-GTL1K.tmp\cryptoobfuscator.tmp
    Filesize

    705KB

    MD5

    bbdfc09bbc5c0978dfa66f3958eaec62

    SHA1

    92b29db2cf53b4a9a50aa4b981366ed3121060b5

    SHA256

    2bfe0885f3fea218937d0e67ad4b26b1b3a58b2144ab1eb503e4953bb078ba19

    SHA512

    e592861294aa6f9d8b01aa5d1c076d444723510d068093268e4ef5197109df2b1105fc1d6f2eb5a13e9d96e2bf47d803453b930c68bb6ed8d61699703566b216

    Download Submit

  • memory/220-7-0x0000000000400000-0x00000000004BE000-memory.dmp

    Filesize

    760KB

    Download

  • memory/220-9-0x0000000000400000-0x00000000004BE000-memory.dmp

    Filesize

    760KB

    Download

  • memory/4440-1-0x0000000000400000-0x0000000000415000-memory.dmp

    Filesize

    84KB

    Download

  • memory/4440-2-0x0000000000401000-0x000000000040C000-memory.dmp

    Filesize

    44KB

    Download

  • memory/4440-8-0x0000000000400000-0x0000000000415000-memory.dmp

    Filesize

    84KB

    Download