Overview

overview

7

Static

static

3

59fde6e2d6...9c.exe

windows7-x64

7

59fde6e2d6...9c.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    94s
  • max time network
    96s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240426-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240426-enlocale:en-usos:windows10-2004-x64system
  • submitted
    10/06/2024, 12:29

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    59fde6e2d61f2fc82015f048add67eb46445c6bd0145278d713185b020ce639c.exe

  • Size

    92KB

  • MD5

    157e76d0d5aa255c8d6c1a2876355f17

  • SHA1

    4a8deb20bcd50cd93416a155097c8a413719990a

  • SHA256

    59fde6e2d61f2fc82015f048add67eb46445c6bd0145278d713185b020ce639c

  • SHA512

    9fbfa56287c54b90ca0fe487fcb12d23fc5bb7792202171200bf77663549c93e40474219ffa5ef8220eb3dd2403ae3dccc0a7a13d93bc79abee46a1e5ba425dd

  • SSDEEP

    1536:yqM7pAFbujLQ2CAvPH+zO+UxnCJeTuapX9ea:P+KF6w2lvPezO+ufTuBa

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Suspicious behavior: RenamesItself 1 IoCs
  • Suspicious use of UnmapMainImage 2 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\59fde6e2d61f2fc82015f048add67eb46445c6bd0145278d713185b020ce639c.exe
    "C:\Users\Admin\AppData\Local\Temp\59fde6e2d61f2fc82015f048add67eb46445c6bd0145278d713185b020ce639c.exe"
    1⤵
    • Suspicious behavior: RenamesItself
    • Suspicious use of UnmapMainImage
    • Suspicious use of WriteProcessMemory
    PID:1844
    • C:\Users\Admin\AppData\Local\Temp\59fde6e2d61f2fc82015f048add67eb46445c6bd0145278d713185b020ce639c.exe
      C:\Users\Admin\AppData\Local\Temp\59fde6e2d61f2fc82015f048add67eb46445c6bd0145278d713185b020ce639c.exe
      2⤵
      • Deletes itself
      • Executes dropped EXE
      • Suspicious use of UnmapMainImage
      PID:372

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\59fde6e2d61f2fc82015f048add67eb46445c6bd0145278d713185b020ce639c.exe
    Filesize

    92KB

    MD5

    6a4b0a29d7b6f112e2183215056f901b

    SHA1

    f28d737539c971cdcde1c10cca12d0aa6ce1aae9

    SHA256

    631f00a7cff7fce1a96e806828ed3d53b9057843fa81dc61f8ad62618f30cc83

    SHA512

    e64f0ec15bf8a7ba4433fd901d3728149e0423e416646af6a8bac3bcd9e11152fd9d547b415746b0f356bf1a93918dbc19dc3875b4e9ce182610a0f24b254726

    Download Submit

  • memory/372-13-0x0000000000400000-0x0000000000431000-memory.dmp

    Filesize

    196KB

    Download

  • memory/372-14-0x00000000001B0000-0x00000000001E1000-memory.dmp

    Filesize

    196KB

    Download

  • memory/372-20-0x0000000000400000-0x000000000040E000-memory.dmp

    Filesize

    56KB

    Download

  • memory/372-25-0x00000000014F0000-0x000000000150B000-memory.dmp

    Filesize

    108KB

    Download

  • memory/1844-0-0x0000000000400000-0x0000000000431000-memory.dmp

    Filesize

    196KB

    Download

  • memory/1844-1-0x0000000000400000-0x000000000041B000-memory.dmp

    Filesize

    108KB

    Download

  • memory/1844-6-0x00000000001C0000-0x00000000001F1000-memory.dmp

    Filesize

    196KB

    Download

  • memory/1844-11-0x0000000000400000-0x000000000041B000-memory.dmp

    Filesize

    108KB

    Download