Analysis
-
max time kernel
129s -
max time network
42s -
platform
windows7_x64 -
resource
win7v200430 -
submitted
29-05-2020 19:54
Static task
static1
Behavioral task
behavioral1
Sample
Swift-NTMO8112.r11.exe
Resource
win7v200430
windows7_x64
0 signatures
0 seconds
Behavioral task
behavioral2
Sample
Swift-NTMO8112.r11.exe
Resource
win10v200430
windows10_x64
0 signatures
0 seconds
General
-
Target
Swift-NTMO8112.r11.exe
-
Size
369KB
-
MD5
8d09522ab3445893fd7f7591b73855d7
-
SHA1
3628b248c39e81f0f493f54e215ac06ba7bd85bd
-
SHA256
52594dae04135a7be866b5a1e1a12328d6d3fcdadeedfd5f8a267d7d67974165
-
SHA512
c30651c8db6ebc9cd6f4ac0d03a0e428ab17fbfb82cd984be05dd55ef1b46b37340146b7970068aff3baceefad0001aef3070004e8757234c2fa14ac100363b5
Score
1/10
Malware Config
Signatures
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes:
Swift-NTMO8112.r11.exedescription pid process target process PID 280 wrote to memory of 1836 280 Swift-NTMO8112.r11.exe dw20.exe PID 280 wrote to memory of 1836 280 Swift-NTMO8112.r11.exe dw20.exe PID 280 wrote to memory of 1836 280 Swift-NTMO8112.r11.exe dw20.exe PID 280 wrote to memory of 1836 280 Swift-NTMO8112.r11.exe dw20.exe
Processes
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
memory/1836-0-0x0000000001E70000-0x0000000001E81000-memory.dmpFilesize
68KB