Overview

overview

6

Static

static

1

16f4cf31cf...fe.exe

windows7-x64

6

16f4cf31cf...fe.exe

windows10-2004-x64

6

Analysis

  • max time kernel
    147s
  • max time network
    149s
  • platform
    windows7_x64
  • resource
    win7-20240220-en
  • resource tags

    arch:x64arch:x86image:win7-20240220-enlocale:en-usos:windows7-x64system
  • submitted
    04-07-2024 22:51

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    16f4cf31cfee3bf9ad5fb77f7bd4c03044c149a2dc9c55ab0e164f2c5bf8cbfe.exe

  • Size

    984KB

  • MD5

    83f3a12aa0dd4847ced2a272cb7e8fd0

  • SHA1

    6fb6cb4b80704a66c4850965f524bcf7849a463d

  • SHA256

    16f4cf31cfee3bf9ad5fb77f7bd4c03044c149a2dc9c55ab0e164f2c5bf8cbfe

  • SHA512

    6a6432af27e537eb489ec982ed528d418c234b8e3fb28046933c21d3e4aae8682fd40d35427aed826803d081ee940c109bce6ddc120421596d1be608acc227c1

  • SSDEEP

    12288:N2ToLD2QfWUEknSsmjj/UVF4T5Sny+EDZQTjMVJK1P5aEL36dyhxoeVs7:NkuPfWsnnw/UV+5Sny+EDKMVcRan2vq

Score
6/10
persistence

Malware Config

Signatures

  • Adds Run key to start application 2 TTPs 1 IoCs
    persistence
  • Suspicious behavior: RenamesItself 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\16f4cf31cfee3bf9ad5fb77f7bd4c03044c149a2dc9c55ab0e164f2c5bf8cbfe.exe
    "C:\Users\Admin\AppData\Local\Temp\16f4cf31cfee3bf9ad5fb77f7bd4c03044c149a2dc9c55ab0e164f2c5bf8cbfe.exe"
    1⤵
    • Adds Run key to start application
    • Suspicious behavior: RenamesItself
    PID:2604

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\16f4cf31cfee3bf9ad5fb77f7bd4c03044c149a2dc9c55ab0e164f2c5bf8cbfe.exe
    Filesize

    984KB

    MD5

    928a1e2db8c242c0808cf63f281643de

    SHA1

    dbdb774fb96e2e588913fa463c60a4b1fed0b5bd

    SHA256

    11d7943062fb0a51c62443d2a4bff846ecd8173acf7412c99de9d7c1257ac51f

    SHA512

    a2969dff0995565e4498fb9e63fcb19b77155d88b3ed6cdbdb54780ed19c306a5cc26457e70a1330e1ddc3420f2994f68808ebd8b9fe969aafd13f65cc4f6021

    Download Submit

  • memory/2604-13-0x0000000000040000-0x0000000000139000-memory.dmp

    Filesize

    996KB

    Download

  • memory/2604-14-0x0000000000040000-0x0000000000139000-memory.dmp

    Filesize

    996KB

    Download

  • memory/2604-3-0x0000000000040000-0x0000000000139000-memory.dmp

    Filesize

    996KB

    Download

  • memory/2604-9-0x0000000000040000-0x0000000000139000-memory.dmp

    Filesize

    996KB

    Download

  • memory/2604-10-0x0000000000040000-0x0000000000139000-memory.dmp

    Filesize

    996KB

    Download

  • memory/2604-11-0x0000000000040000-0x0000000000139000-memory.dmp

    Filesize

    996KB

    Download

  • memory/2604-4-0x0000000000040000-0x0000000000139000-memory.dmp

    Filesize

    996KB

    Download

  • memory/2604-2-0x00000000003B0000-0x00000000003B1000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2604-12-0x0000000000040000-0x0000000000139000-memory.dmp

    Filesize

    996KB

    Download

  • memory/2604-15-0x0000000000040000-0x0000000000139000-memory.dmp

    Filesize

    996KB

    Download

  • memory/2604-16-0x0000000000040000-0x0000000000139000-memory.dmp

    Filesize

    996KB

    Download

  • memory/2604-17-0x0000000000040000-0x0000000000139000-memory.dmp

    Filesize

    996KB

    Download

  • memory/2604-18-0x0000000000040000-0x0000000000139000-memory.dmp

    Filesize

    996KB

    Download

  • memory/2604-19-0x0000000000040000-0x0000000000139000-memory.dmp

    Filesize

    996KB

    Download

  • memory/2604-20-0x0000000000040000-0x0000000000139000-memory.dmp

    Filesize

    996KB

    Download