Overview

overview

7

Static

static

3

d924e01f77...ec.exe

windows7-x64

7

d924e01f77...ec.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    150s
  • max time network
    120s
  • platform
    windows7_x64
  • resource
    win7-20240705-en
  • resource tags

    arch:x64arch:x86image:win7-20240705-enlocale:en-usos:windows7-x64system
  • submitted
    07/08/2024, 03:38 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    d924e01f7741333e94b429512ae8eb47946e4e03cb035aedf6f5b06c4328caec.exe

  • Size

    9KB

  • MD5

    ab05f29e8de8e59c34860640bc65b74e

  • SHA1

    708b1425284a7f4b433287082610dfebc356f395

  • SHA256

    d924e01f7741333e94b429512ae8eb47946e4e03cb035aedf6f5b06c4328caec

  • SHA512

    96e3f5ff355a7246d9e34a30e052cc79a204ab859f7c76a9a897da6b2d5cffd12f9fa6be7b6e5c64e37e1043d4aa32c089892ad7aa5a208a843565c496119ce0

  • SSDEEP

    96:mBLYtOvLGaDlZ6wAnQWRRUlCXmfVwSbwT/3fyQSqpVRdw3zwBrA:mBLYt6lZmQWRRVXm9w7fbvrG

Score
7/10
discovery

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 2 IoCs
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\d924e01f7741333e94b429512ae8eb47946e4e03cb035aedf6f5b06c4328caec.exe
    "C:\Users\Admin\AppData\Local\Temp\d924e01f7741333e94b429512ae8eb47946e4e03cb035aedf6f5b06c4328caec.exe"
    1⤵
    • Loads dropped DLL
    • System Location Discovery: System Language Discovery
    • Suspicious use of WriteProcessMemory
    PID:3044
    • C:\Users\Admin\AppData\Local\Temp\denis.exe
      "C:\Users\Admin\AppData\Local\Temp\denis.exe"
      2⤵
      • Executes dropped EXE
      PID:2520

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • \Users\Admin\AppData\Local\Temp\denis.exe
    Filesize

    9KB

    MD5

    036081f45f2cc9dab83b87a3974d3296

    SHA1

    19b88e4d2bf8d83bab0efb6a656115be7433765b

    SHA256

    48263a23d395706c0258136a6637eb80344da86b6bcabbe95451b1cafe9ea865

    SHA512

    8aeaddf879207a2cd5e4b087a7640bb05a040c4c433a45dece0cf389460c8af3b74df9c7a2bc50e97444a38084b8b66e3cb19b7b6ffdc5ea53e5eb2e13469d02

    Download Submit

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.