Overview

overview

7

Static

static

3

420c98e137...66.exe

windows7-x64

7

420c98e137...66.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    121s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    11/06/2024, 21:16

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    420c98e1375dd2d271ebd507ea1ad9cdbe896e12e8dc1bfd675147f472295d66.exe

  • Size

    359KB

  • MD5

    8ef0a2657f0bde56a2607f699d375b71

  • SHA1

    25ff48049181d1a6c1a2fb56fe533e7ca3dca7b2

  • SHA256

    420c98e1375dd2d271ebd507ea1ad9cdbe896e12e8dc1bfd675147f472295d66

  • SHA512

    0f7fd8855a61b021467901a6f8f9d6f877b78d866e526409cef99bd71efa5e104336b48f3262981d129de534e574de59c93d0d7347ba7ff44e516231a5b14e58

  • SSDEEP

    6144:mZwPC2Zn/rlpAqlt/Lxh/ojKD4q/MgVz4Y5gDKK0LHYtVzbOJo:mZkLTjbLxhAjS4QvVzd5gz0Lexj

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 1 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious behavior: RenamesItself 1 IoCs
  • Suspicious use of UnmapMainImage 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\420c98e1375dd2d271ebd507ea1ad9cdbe896e12e8dc1bfd675147f472295d66.exe
    "C:\Users\Admin\AppData\Local\Temp\420c98e1375dd2d271ebd507ea1ad9cdbe896e12e8dc1bfd675147f472295d66.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious behavior: RenamesItself
    • Suspicious use of WriteProcessMemory
    PID:2164
    • C:\Users\Admin\AppData\Local\Temp\420c98e1375dd2d271ebd507ea1ad9cdbe896e12e8dc1bfd675147f472295d66.exe
      C:\Users\Admin\AppData\Local\Temp\420c98e1375dd2d271ebd507ea1ad9cdbe896e12e8dc1bfd675147f472295d66.exe
      2⤵
      • Deletes itself
      • Executes dropped EXE
      • Suspicious behavior: GetForegroundWindowSpam
      • Suspicious use of UnmapMainImage
      PID:2292

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • \Users\Admin\AppData\Local\Temp\420c98e1375dd2d271ebd507ea1ad9cdbe896e12e8dc1bfd675147f472295d66.exe
          Filesize

          359KB

          MD5

          3b16275bb5e10993bdb3c3ede621fd69

          SHA1

          a5730864359d0db58ae8c6d920d078ea9743f94e

          SHA256

          fb307f66f4d1c23f5814264638c0897c222d3700cf6d28f9794398b48e31fecc

          SHA512

          953b3f08781defd36f14ead0d11706f5f32deea88eabed39fc86fdb42261a16d8a5906c28151691433e5a302c5d7b1edbce2296164e1a9176c07e8878ae07b62

          Download Submit

        • memory/2164-0-0x0000000000400000-0x0000000000435000-memory.dmp

          Filesize

          212KB

          Download

        • memory/2164-5-0x0000000000210000-0x0000000000245000-memory.dmp

          Filesize

          212KB

          Download

        • memory/2164-11-0x0000000000400000-0x0000000000435000-memory.dmp

          Filesize

          212KB

          Download

        • memory/2292-12-0x0000000000400000-0x0000000000435000-memory.dmp

          Filesize

          212KB

          Download

        • memory/2292-13-0x0000000000400000-0x0000000000415000-memory.dmp

          Filesize

          84KB

          Download

        • memory/2292-18-0x0000000000130000-0x0000000000165000-memory.dmp

          Filesize

          212KB

          Download