Overview

overview

7

Static

static

3

d7336c5180...ed.exe

windows7-x64

7

d7336c5180...ed.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    121s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20240705-en
  • resource tags

    arch:x64arch:x86image:win7-20240705-enlocale:en-usos:windows7-x64system
  • submitted
    09-07-2024 05:51

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    d7336c51808c09d68253f1ac18d4ed8d81bdc82bf3250975db06ef1e70dabbed.exe

  • Size

    220KB

  • MD5

    923b6264346f2d6d2f2fb489c514ad80

  • SHA1

    f85fe9ca2767fc345db36d5b9a7317246cc5716d

  • SHA256

    d7336c51808c09d68253f1ac18d4ed8d81bdc82bf3250975db06ef1e70dabbed

  • SHA512

    daff9242e33452b6b94c223aacaa0257b41c54038b89dd0cc7aa3f9bfa6275a6780345fc59844dc1e6bee089621bc27e603325152db77aa5a4235179ac66d309

  • SSDEEP

    6144:2gGxxAGVEthZ2frHqZA/JQl7U1nF7tK/ui1qZYCt:2BxYKfr5qK7I/OZYCt

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 1 IoCs
  • Suspicious behavior: RenamesItself 1 IoCs
  • Suspicious use of UnmapMainImage 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\d7336c51808c09d68253f1ac18d4ed8d81bdc82bf3250975db06ef1e70dabbed.exe
    "C:\Users\Admin\AppData\Local\Temp\d7336c51808c09d68253f1ac18d4ed8d81bdc82bf3250975db06ef1e70dabbed.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious behavior: RenamesItself
    • Suspicious use of WriteProcessMemory
    PID:2392
    • C:\Users\Admin\AppData\Local\Temp\d7336c51808c09d68253f1ac18d4ed8d81bdc82bf3250975db06ef1e70dabbed.exe
      C:\Users\Admin\AppData\Local\Temp\d7336c51808c09d68253f1ac18d4ed8d81bdc82bf3250975db06ef1e70dabbed.exe
      2⤵
      • Deletes itself
      • Executes dropped EXE
      • Suspicious use of UnmapMainImage
      PID:2128

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • \Users\Admin\AppData\Local\Temp\d7336c51808c09d68253f1ac18d4ed8d81bdc82bf3250975db06ef1e70dabbed.exe
    Filesize

    220KB

    MD5

    8ab237b6835e3b40a0ba581d1e88efb1

    SHA1

    eae455bcb79d169b295f1c8da939ed6eb667397b

    SHA256

    9300019431949120e547ebbd5f0be40b951752476935c534ff17e99b3c5f4688

    SHA512

    1a1c7ed83e1a09823fcad5e3bf7493eba82749471434ffcda39258dae8a5f5d2c39f91427293a1ec5fe34f9d11272b83c4fe4c83298c02847130c8147a3d76fa

    Download Submit

  • memory/2128-11-0x0000000000400000-0x000000000041A000-memory.dmp

    Filesize

    104KB

    Download

  • memory/2128-10-0x0000000000400000-0x0000000000441000-memory.dmp

    Filesize

    260KB

    Download

  • memory/2128-16-0x0000000000200000-0x0000000000241000-memory.dmp

    Filesize

    260KB

    Download

  • memory/2128-17-0x0000000000400000-0x0000000000441000-memory.dmp

    Filesize

    260KB

    Download

  • memory/2392-0-0x0000000000400000-0x0000000000441000-memory.dmp

    Filesize

    260KB

    Download

  • memory/2392-8-0x0000000000400000-0x0000000000441000-memory.dmp

    Filesize

    260KB

    Download