Overview

overview

7

Static

static

3

3c9ccf6a28...0N.exe

windows7-x64

7

3c9ccf6a28...0N.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    148s
  • max time network
    150s
  • platform
    windows7_x64
  • resource
    win7-20240220-en
  • resource tags

    arch:x64arch:x86image:win7-20240220-enlocale:en-usos:windows7-x64system
  • submitted
    07/07/2024, 03:55

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    3c9ccf6a28bc9d9e8031ac0b35a11dc0N.exe

  • Size

    70KB

  • MD5

    3c9ccf6a28bc9d9e8031ac0b35a11dc0

  • SHA1

    be1a46bf42e252d9082ac4b30119baf1d453d186

  • SHA256

    2ac20bdca54cda4aa753708b526b7d98dcdf74fd44501fb97ebb5cb83a991e2b

  • SHA512

    0af1d0dc13e8ff72f9f18dd2ec730096d46444c377dc14d2f29f43f14386cff57a277e1502693c403e9ac9f865fd7e328b63c3a29fa3346020012333df58a6a8

  • SSDEEP

    768:BV/Pp4hAJdmJ1zEW04MzkTkL7DTg3E1ysh3e5tLn0T:BV/AAJdi1z2PoTV3E1yshODLn0T

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 1 IoCs
  • Suspicious use of UnmapMainImage 2 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\3c9ccf6a28bc9d9e8031ac0b35a11dc0N.exe
    "C:\Users\Admin\AppData\Local\Temp\3c9ccf6a28bc9d9e8031ac0b35a11dc0N.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of UnmapMainImage
    • Suspicious use of WriteProcessMemory
    PID:3040
    • C:\Users\Admin\AppData\Local\Temp\weyjba.exe
      "C:\Users\Admin\AppData\Local\Temp\weyjba.exe"
      2⤵
      • Executes dropped EXE
      • Suspicious use of UnmapMainImage
      PID:2484

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • \Users\Admin\AppData\Local\Temp\weyjba.exe
          Filesize

          71KB

          MD5

          f40a02d7c56c743cab9ad1bc1c6a978f

          SHA1

          9dd100b6611af04281ae4eb9e265ebf25660306a

          SHA256

          f0a1a313c2008618b8a26d60820497703acbf8cb25f85cf40942aae531e4404e

          SHA512

          7c80403a0c9b9d1a498df2c625c411418c3175afad34fad4e53bef2db0475da242be0bc66d78ad9d8bbf7335595b89fe3f90ec3c1ef44ac0821a42f09a4874d0

          Download Submit

        • memory/2484-25-0x0000000000230000-0x0000000000236000-memory.dmp

          Filesize

          24KB

          Download

        • memory/3040-0-0x0000000000400000-0x0000000000415000-memory.dmp

          Filesize

          84KB

          Download

        • memory/3040-2-0x0000000000400000-0x0000000000406000-memory.dmp

          Filesize

          24KB

          Download

        • memory/3040-1-0x0000000000290000-0x0000000000296000-memory.dmp

          Filesize

          24KB

          Download

        • memory/3040-9-0x0000000000290000-0x0000000000296000-memory.dmp

          Filesize

          24KB

          Download

        • memory/3040-13-0x00000000031E0000-0x00000000031F5000-memory.dmp

          Filesize

          84KB

          Download