Overview

overview

7

Static

static

3

3abb2dd008...7d.exe

windows7-x64

7

3abb2dd008...7d.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    149s
  • max time network
    153s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240426-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240426-enlocale:en-usos:windows10-2004-x64system
  • submitted
    05-06-2024 21:19

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    3abb2dd0085dc22ac8aae342d15600bc3c640310fb3af11200fd45b4ce18f17d.exe

  • Size

    4.4MB

  • MD5

    09460f7dbc4573b6b15d553e6ff58303

  • SHA1

    a32473ef1c69539c388168995446ab2659048b68

  • SHA256

    3abb2dd0085dc22ac8aae342d15600bc3c640310fb3af11200fd45b4ce18f17d

  • SHA512

    f5d0298b6d13959be3103d5447b810d370f56968248b0b3324ec5e0156693e5f39dab63309a2c77773d6dcf9aab489fe4529b1a8d0a6206303abb929639614c1

  • SSDEEP

    98304:emhd1UryeM/+vxChnDE03RMV7wQqZUha5jtSn:elvvxuDzq2QbaZte

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\3abb2dd0085dc22ac8aae342d15600bc3c640310fb3af11200fd45b4ce18f17d.exe
    "C:\Users\Admin\AppData\Local\Temp\3abb2dd0085dc22ac8aae342d15600bc3c640310fb3af11200fd45b4ce18f17d.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:3556
    • C:\Users\Admin\AppData\Local\Temp\2CEC.tmp
      "C:\Users\Admin\AppData\Local\Temp\2CEC.tmp" --splashC:\Users\Admin\AppData\Local\Temp\3abb2dd0085dc22ac8aae342d15600bc3c640310fb3af11200fd45b4ce18f17d.exe E173ACBCA463091C58F4B09FECC52370F655C4378419FD37FD913E705E79A656B740FD56622079DF290278776BF80C641B4D8464B235CF892CEE025EC4485A61
      2⤵
      • Deletes itself
      • Executes dropped EXE
      PID:1736

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\2CEC.tmp
    Filesize

    4.4MB

    MD5

    831111dfe7375af87aaf41e8b93559d9

    SHA1

    7fa10fe88d450d432fe51742216ec57024ff1563

    SHA256

    419ffdd81f4cc65bec27492a69103eeca293944ff4a0b8c1512082cb666cb478

    SHA512

    048ef377122d742a9964bd3bbfbc4ef817d50c7c8c638a43be9543674da122e212b0d99e7de4cad50e62eb5cd4c5e61d9075178d635b1443524bf285e3a7e02b

    Download Submit

  • memory/1736-5-0x0000000000400000-0x0000000000849000-memory.dmp

    Filesize

    4.3MB

    Download

  • memory/3556-0-0x0000000000400000-0x0000000000849000-memory.dmp

    Filesize

    4.3MB

    Download