Overview

overview

10

Static

static

10

x360ce/data/Reg.exe

windows7-x64

4

x360ce/data/Reg.exe

windows10-2004-x64

4

x360ce/data/Reg.vbs

windows7-x64

1

x360ce/data/Reg.vbs

windows10-2004-x64

1

x360ce/x360ce.exe

windows7-x64

1

x360ce/x360ce.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    118s
  • max time network
    120s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
  • submitted
    01-09-2024 02:49

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    x360ce/x360ce.exe

  • Size

    162KB

  • MD5

    d50289d1ba4b88774309b4ca8ee10ea4

  • SHA1

    b88976f789650c10922c665386ab929c5bf45728

  • SHA256

    ed6c4a4dabead55eff566e48c9d67865a18fdf90871119b9011f9db523a67d8f

  • SHA512

    9d682961c698328e545a6fca2b50d6acd33389aca4d8e4b8ee2f24bea7598117b763c8b287e62804e0e4660042d9573150c969dbd651414e62ad32568e877c2f

  • SSDEEP

    3072:3brZEFa/cwLLd85Ml1hL8nIwbAC1LwcEQkQkLY9nvu1Tno6vG2hwCxXdbqYun6L:3bx/caLd854qn9ECFwcEQWCUTnooG27B

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\x360ce\x360ce.exe
    "C:\Users\Admin\AppData\Local\Temp\x360ce\x360ce.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1872
    • C:\Windows\system32\WerFault.exe
      C:\Windows\system32\WerFault.exe -u -p 1872 -s 516
      2⤵
        PID:2328

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/1872-0-0x000007FEF6153000-0x000007FEF6154000-memory.dmp

      Filesize

      4KB

      Download

    • memory/1872-1-0x000000013F1C0000-0x000000013F1EA000-memory.dmp

      Filesize

      168KB

      Download

    • memory/1872-2-0x000007FEF6153000-0x000007FEF6154000-memory.dmp

      Filesize

      4KB

      Download