Analysis
-
max time kernel
84s -
max time network
90s -
platform
windows7_x64 -
resource
win7v200430 -
submitted
09-07-2020 07:44
General
-
Target
9e0d55ea6fbd06df70af866d0fe5bb79.exe
-
Size
152KB
-
MD5
9e0d55ea6fbd06df70af866d0fe5bb79
-
SHA1
38023f98c48e7c30dcf1b538ada8888343d1ecad
-
SHA256
486bdfa30d86eafc9fa6516ad67f6e7df39aa5fcbbe48f245e382ed38cc9adf8
-
SHA512
187e39b3a17883dcfcd621a33236c8fa8d19f1dbc03ef19cd91870e822c40798b76b640fa560b850b09432bc3ad2877a51a221d4750d075fa4fe3e64ad39b57e
Score
8/10
Malware Config
Signatures
-
Loads dropped DLL 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
-
Executes dropped EXE 1 IoCs
-
NTFS ADS 1 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\9e0d55ea6fbd06df70af866d0fe5bb79.exe"C:\Users\Admin\AppData\Local\Temp\9e0d55ea6fbd06df70af866d0fe5bb79.exe"1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
- NTFS ADS
-
\??\c:\programdata\e6533cd889\bdif.exec:\programdata\e6533cd889\bdif.exe2⤵
- Executes dropped EXE
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
C:\ProgramData\83bb50ad72ec066ba3b2332b06c6d86c
-
C:\ProgramData\e6533cd889\bdif.exe
-
\ProgramData\e6533cd889\bdif.exe
-
memory/824-0-0x00000000002B0000-0x00000000002C0000-memory.dmpFilesize
64KB
-
memory/824-1-0x00000000002C0000-0x00000000002E5000-memory.dmpFilesize
148KB
-
memory/1416-3-0x0000000000000000-mapping.dmp
-
memory/1416-5-0x0000000000030000-0x0000000000040000-memory.dmpFilesize
64KB
-
memory/1416-6-0x00000000001C0000-0x00000000001E5000-memory.dmpFilesize
148KB