Overview

overview

10

Static

static

10

fe25de503f...5a.exe

windows7-x64

10

fe25de503f...5a.exe

windows10-2004-x64

10

fe282eaa90...45.exe

windows7-x64

10

fe282eaa90...45.exe

windows10-2004-x64

10

fe402f76d3...4d.exe

windows7-x64

10

fe402f76d3...4d.exe

windows10-2004-x64

10

fe55574c53...c0.exe

windows7-x64

1

fe55574c53...c0.exe

windows10-2004-x64

5

fe8a65a43d...3f.exe

windows7-x64

7

fe8a65a43d...3f.exe

windows10-2004-x64

7

fe99ddfdfc...6c.exe

windows7-x64

10

fe99ddfdfc...6c.exe

windows10-2004-x64

10

feb2c82a66...50.exe

windows7-x64

10

feb2c82a66...50.exe

windows10-2004-x64

10

fef2b831e5...91.exe

windows7-x64

8

fef2b831e5...91.exe

windows10-2004-x64

8

ff03c0c01a...cd.exe

windows7-x64

7

ff03c0c01a...cd.exe

windows10-2004-x64

10

ff1699c2d9...5a.exe

windows7-x64

10

ff1699c2d9...5a.exe

windows10-2004-x64

10

ff573ccb26...dd.exe

windows7-x64

10

ff573ccb26...dd.exe

windows10-2004-x64

10

ff5eef1816...3f.exe

windows7-x64

10

ff5eef1816...3f.exe

windows10-2004-x64

10

ff9b69031d...c2.exe

windows7-x64

10

ff9b69031d...c2.exe

windows10-2004-x64

10

ffc0421dee...0b.exe

windows7-x64

10

ffc0421dee...0b.exe

windows10-2004-x64

7

ffc45f2c58...73.exe

windows7-x64

10

ffc45f2c58...73.exe

windows10-2004-x64

10

fffa7ee6ec...91.exe

windows7-x64

10

fffa7ee6ec...91.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    149s
  • max time network
    23s
  • platform
    windows7_x64
  • resource
    win7-20241010-en
  • resource tags

    arch:x64arch:x86image:win7-20241010-enlocale:en-usos:windows7-x64system
  • submitted
    22/03/2025, 06:18

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    fe8a65a43dcdd12c0341ab7e5cc56c3f.exe

  • Size

    7.9MB

  • MD5

    fe8a65a43dcdd12c0341ab7e5cc56c3f

  • SHA1

    237ef3713a9ac7680f4f8ffc8c91c75b23f44b70

  • SHA256

    ffb47a00036b3d8580bd9cb61aed80d3658598bf0fc8a96dc8d81f04980a8f65

  • SHA512

    9032a4015ff5d172e26be7f91e6d11f33032784f48fd5f8d51a4d2a8b2a79c634f2efd081ea448728e14dad338f2f76a57a87bb35e22de5fdc04b9ad0eb01c3e

  • SSDEEP

    196608:J9sGLbd7rEWWn87E3QeotSqrG8YqcIXcZZB9:JmqbhrEbn87eZsFmq+J

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 2 IoCs
  • Loads dropped DLL 2 IoCs
  • Suspicious behavior: EnumeratesProcesses 64 IoCs
  • Suspicious use of AdjustPrivilegeToken 3 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\fe8a65a43dcdd12c0341ab7e5cc56c3f.exe
    "C:\Users\Admin\AppData\Local\Temp\fe8a65a43dcdd12c0341ab7e5cc56c3f.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of WriteProcessMemory
    PID:2608
    • C:\Users\Admin\AppData\Local\Temp\fkOBJrt.exe
      QzpcVXNlcnNcQWRtaW5cQXBwRGF0YVxMb2NhbFxUZW1wXGZlOGE2NWE0M2RjZGQxMmMwMzQxYWI3ZTVjYzU2YzNmLmV4ZQ== 44
      2⤵
      • Deletes itself
      • Executes dropped EXE
      • Suspicious behavior: EnumeratesProcesses
      • Suspicious use of AdjustPrivilegeToken
      PID:1144

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • \Users\Admin\AppData\Local\Temp\fkOBJrt.exe
    Filesize

    7.9MB

    MD5

    6c31e99b63ffc899146796841eab2f4f

    SHA1

    a29d0c2eccbe37f0559cb711502fd98a39f207c6

    SHA256

    9c03e601dc3901549cba232e6a30da26676a4828dd6a0bcb36ade0d4a60a9768

    SHA512

    e5aeb712b2c04028475ec01130977f1dd019cba1ec22d6324ffd298bba9424e81714f7714668ddd2dc93cd85f646b12fc82fda7d1dc89cfdf49c0e3eb4bd0426

    Download Submit

  • memory/1144-22-0x00000000007C0000-0x00000000007D0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/1144-26-0x0000000021D00000-0x0000000022786000-memory.dmp

    Filesize

    10.5MB

    Download

  • memory/1144-38-0x00000000007C0000-0x00000000007CA000-memory.dmp

    Filesize

    40KB

    Download

  • memory/1144-37-0x000007FEF5A90000-0x000007FEF647C000-memory.dmp

    Filesize

    9.9MB

    Download

  • memory/1144-17-0x000007FEF5A90000-0x000007FEF647C000-memory.dmp

    Filesize

    9.9MB

    Download

  • memory/1144-18-0x000000013FEA0000-0x00000001411B2000-memory.dmp

    Filesize

    19.1MB

    Download

  • memory/1144-19-0x000007FEF5A90000-0x000007FEF647C000-memory.dmp

    Filesize

    9.9MB

    Download

  • memory/1144-21-0x00000000007C0000-0x00000000007CA000-memory.dmp

    Filesize

    40KB

    Download

  • memory/1144-36-0x000007FEF5A90000-0x000007FEF647C000-memory.dmp

    Filesize

    9.9MB

    Download

  • memory/1144-20-0x00000000007C0000-0x00000000007CA000-memory.dmp

    Filesize

    40KB

    Download

  • memory/1144-32-0x0000000021D00000-0x0000000022786000-memory.dmp

    Filesize

    10.5MB

    Download

  • memory/1144-27-0x0000000077420000-0x0000000077422000-memory.dmp

    Filesize

    8KB

    Download

  • memory/1144-31-0x0000000077420000-0x0000000077422000-memory.dmp

    Filesize

    8KB

    Download

  • memory/1144-29-0x0000000077420000-0x0000000077422000-memory.dmp

    Filesize

    8KB

    Download

  • memory/1144-34-0x0000000021D00000-0x0000000022786000-memory.dmp

    Filesize

    10.5MB

    Download

  • memory/2608-16-0x000007FEF5A90000-0x000007FEF647C000-memory.dmp

    Filesize

    9.9MB

    Download

  • memory/2608-2-0x000007FEF5A90000-0x000007FEF647C000-memory.dmp

    Filesize

    9.9MB

    Download

  • memory/2608-0-0x000007FEF5A93000-0x000007FEF5A94000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2608-1-0x000000013F280000-0x0000000140592000-memory.dmp

    Filesize

    19.1MB

    Download