Overview

overview

7

Static

static

3

90032303f1...05.exe

windows7-x64

7

90032303f1...05.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    130s
  • max time network
    152s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240508-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
  • submitted
    07/06/2024, 03:23

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    90032303f178ed99fea5128f751a8d68d273c0a2547e34d8d34953935a762a05.exe

  • Size

    7.0MB

  • MD5

    99d27b48c999a59a1d8362da87409cdc

  • SHA1

    063f88e4f7a875c2c2482b037e83428b3848a858

  • SHA256

    90032303f178ed99fea5128f751a8d68d273c0a2547e34d8d34953935a762a05

  • SHA512

    5e024e407b1cbede50646c316219f42f665444c5dac1ca7714bff5f4e0ca0c7d15e142bc6edb4ca21a5f225131b1ed8bc7e4aaf54f4153cfba3425f38b769ca1

  • SSDEEP

    98304:emhd1Uryebyg4eur3j5USV7wQqZUha5jtSyZIUbn:elepr3jb2QbaZtliK

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\90032303f178ed99fea5128f751a8d68d273c0a2547e34d8d34953935a762a05.exe
    "C:\Users\Admin\AppData\Local\Temp\90032303f178ed99fea5128f751a8d68d273c0a2547e34d8d34953935a762a05.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1404
    • C:\Users\Admin\AppData\Local\Temp\44C9.tmp
      "C:\Users\Admin\AppData\Local\Temp\44C9.tmp" --splashC:\Users\Admin\AppData\Local\Temp\90032303f178ed99fea5128f751a8d68d273c0a2547e34d8d34953935a762a05.exe B5718F3A755A439D6CE354B95312A5A61D3A1E2B96EAB16F356C9236304F649C3BF31E1CEFAFACDF5F3F2C569B76CCF9DECCCEDECEB198B63F4C93EFC9001BF4
      2⤵
      • Deletes itself
      • Executes dropped EXE
      PID:3764

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\Local\Temp\44C9.tmp
          Filesize

          7.0MB

          MD5

          cc3635a2cd42fb28753dbe63d3509ae2

          SHA1

          f28ef82abb2a849362194e3d156fedc847184bec

          SHA256

          adf77e5ac93f6d0bba3b3eca4d4ca2d0889c727be6c047cfb1073e4801c8ef6e

          SHA512

          714f3188cb95ca4f97f0774aba41257bd8640006d9df0728a4856225b6988eee5c20dec6cd5bda4fc99ae6e01d0e8a753682a76390850a049bf84048a274e282

          Download Submit

        • memory/1404-0-0x0000000000400000-0x0000000000849000-memory.dmp

          Filesize

          4.3MB

          Download

        • memory/3764-5-0x0000000000400000-0x0000000000849000-memory.dmp

          Filesize

          4.3MB

          Download