Overview

overview

7

Static

static

3

24d679d78a...87.exe

windows7-x64

7

24d679d78a...87.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    117s
  • max time network
    121s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    05/07/2024, 01:08

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    24d679d78a767fd7d1000a18c34858f969bc1d1e07e62efa3c003586606e4687.exe

  • Size

    192KB

  • MD5

    b067f51fb68aeef97310ecb28494eb30

  • SHA1

    e02f7ce5ed5778ae0df670b9a114d6c2c60373a1

  • SHA256

    24d679d78a767fd7d1000a18c34858f969bc1d1e07e62efa3c003586606e4687

  • SHA512

    a3c748979c35fc419b697c961b8a1d04ccdd6e41ef5af53ba6db77554e102e6fd523a714d2fe29980e0de224b7b58151a9b158f1dd582486e3f86b11eebed35c

  • SSDEEP

    3072:baCd9Hchiv7m9OlD+t1SelA1CoHb3rNqvpPewXhCw3BDh:e49Gijm9OlDoPlA1CoN6Ywx53BDh

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 1 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious behavior: RenamesItself 1 IoCs
  • Suspicious use of UnmapMainImage 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\24d679d78a767fd7d1000a18c34858f969bc1d1e07e62efa3c003586606e4687.exe
    "C:\Users\Admin\AppData\Local\Temp\24d679d78a767fd7d1000a18c34858f969bc1d1e07e62efa3c003586606e4687.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious behavior: RenamesItself
    • Suspicious use of WriteProcessMemory
    PID:3020
    • C:\Users\Admin\AppData\Local\Temp\24d679d78a767fd7d1000a18c34858f969bc1d1e07e62efa3c003586606e4687.exe
      C:\Users\Admin\AppData\Local\Temp\24d679d78a767fd7d1000a18c34858f969bc1d1e07e62efa3c003586606e4687.exe
      2⤵
      • Deletes itself
      • Executes dropped EXE
      • Suspicious behavior: GetForegroundWindowSpam
      • Suspicious use of UnmapMainImage
      PID:1988

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • \Users\Admin\AppData\Local\Temp\24d679d78a767fd7d1000a18c34858f969bc1d1e07e62efa3c003586606e4687.exe
          Filesize

          192KB

          MD5

          a5cfd660729d5556cbf83e60918e7040

          SHA1

          2ef4a620e916c03755b196948a92365e8d41a04d

          SHA256

          e1298d6e4e71f8760897b01002d932b60f37e4e1eea24fdc2681375b1d9b9b92

          SHA512

          6e1d9feece10d47017aee2219e0b33d38d52f2b244b2c1bdc093599f7f847292ad1e8e7cf09bd70df4c433f2f2461ba5e2476297a8a39d0c68bffd6a8518d193

          Download Submit

        • memory/1988-11-0x0000000000400000-0x000000000043C000-memory.dmp

          Filesize

          240KB

          Download

        • memory/1988-12-0x0000000000400000-0x0000000000415000-memory.dmp

          Filesize

          84KB

          Download

        • memory/1988-17-0x0000000000130000-0x000000000016C000-memory.dmp

          Filesize

          240KB

          Download

        • memory/3020-0-0x0000000000400000-0x000000000043C000-memory.dmp

          Filesize

          240KB

          Download

        • memory/3020-6-0x00000000000C0000-0x00000000000FC000-memory.dmp

          Filesize

          240KB

          Download

        • memory/3020-10-0x0000000000400000-0x000000000043C000-memory.dmp

          Filesize

          240KB

          Download