Overview

overview

7

Static

static

3

a8625afd57...c4.exe

windows7-x64

7

a8625afd57...c4.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    132s
  • max time network
    130s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240508-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
  • submitted
    24-05-2024 01:35

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    a8625afd575941e1b2659bd25670108a695f50d7241914e814f00840432f83c4.exe

  • Size

    725KB

  • MD5

    5be27fb3e6286187cdd2fb71f7f4c41f

  • SHA1

    56ee9ba30c021c100e4862497e93ad008b96acdb

  • SHA256

    a8625afd575941e1b2659bd25670108a695f50d7241914e814f00840432f83c4

  • SHA512

    33df898453f9d0fb26477e62d6e6a63fca90c9db1bbd1b48048b7681dee04db93696f3cf349e12d21b9ff8a44a435598fcc669b5859590910ad5d6708458aab5

  • SSDEEP

    12288:OWBm+95nHfF2mgewFx5c9A90wCl5Cy6Fu1kfgjdkAKzZkh18i7X0Xk0X4GkXI5pT:OWBz95ndbgfx5c9s0wC+D9gjTKzZkh14

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\a8625afd575941e1b2659bd25670108a695f50d7241914e814f00840432f83c4.exe
    "C:\Users\Admin\AppData\Local\Temp\a8625afd575941e1b2659bd25670108a695f50d7241914e814f00840432f83c4.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:3244
    • C:\Users\Admin\AppData\Local\Temp\4611.tmp
      "C:\Users\Admin\AppData\Local\Temp\4611.tmp" --pingC:\Users\Admin\AppData\Local\Temp\a8625afd575941e1b2659bd25670108a695f50d7241914e814f00840432f83c4.exe D9D4E9E7A71488F0DD38498BF01D523B402AF2ACB975BE3FEF29AC55E9B597FC4ED27F1F081590BEB066AC47407C8CFFC73E3721ADE59E9A3C5D87AA8855DB97
      2⤵
      • Deletes itself
      • Executes dropped EXE
      PID:2196

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\4611.tmp
    Filesize

    725KB

    MD5

    e97f22e16abd0b34926e6d56bc1ee449

    SHA1

    596903993e9b17ec8f28fed2eeadae1babb0932c

    SHA256

    4fa570981fcfd67120cb578a966a28578c8fe91c59128d17e7ec16de17aff0c5

    SHA512

    be4d527b3a2043ba557d5066608a6d52aad388f54f0b5af79896d4c77b939180d75b448f9f0878dac03f23dc7e48eec439a12192f188bc06bb22e9c2f309c124

    Download Submit

  • memory/2196-6-0x0000000000400000-0x0000000000486000-memory.dmp

    Filesize

    536KB

    Download

  • memory/2196-8-0x0000000000400000-0x0000000000486000-memory.dmp

    Filesize

    536KB

    Download

  • memory/3244-0-0x0000000000400000-0x0000000000486000-memory.dmp

    Filesize

    536KB

    Download

  • memory/3244-7-0x0000000000400000-0x0000000000486000-memory.dmp

    Filesize

    536KB

    Download