Analysis

  • max time kernel
    142s
  • max time network
    22s
  • platform
    windows7_x64
  • resource
    win7v200430
  • submitted
    10-07-2020 17:44

General

  • Target

    SecuriteInfo.com.Trojan.GenericKD.43466730.30129.29543.exe

  • Size

    288KB

  • MD5

    9d4c81c16699da96cacc73cabaaf9fb4

  • SHA1

    10ff1580fb137006d2e396ee9432ff4a84b409b7

  • SHA256

    0638b1723d45eb9fbbf4db0428aeb59b08da4082779c361ae881445ef35bb6d4

  • SHA512

    9ce9fecf3921ba70e9e0a92400439d842073d1cc5f52e16f06a4c4259622ea42d4314b8700edd7e24a6b34276e29b93eb7100f5a0a6f774048c96a1bdf23b0c0

Score
5/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 7 IoCs
  • Suspicious use of SetThreadContext 1 IoCs
  • Suspicious behavior: EnumeratesProcesses 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\SecuriteInfo.com.Trojan.GenericKD.43466730.30129.29543.exe
    "C:\Users\Admin\AppData\Local\Temp\SecuriteInfo.com.Trojan.GenericKD.43466730.30129.29543.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    • Suspicious use of SetThreadContext
    PID:1092
    • C:\Users\Admin\AppData\Local\Temp\SecuriteInfo.com.Trojan.GenericKD.43466730.30129.29543.exe
      "C:\Users\Admin\AppData\Local\Temp\SecuriteInfo.com.Trojan.GenericKD.43466730.30129.29543.exe"
      2⤵
      • Suspicious behavior: EnumeratesProcesses
      PID:1796

Network

MITRE ATT&CK Matrix

Downloads

  • memory/1092-1-0x0000000000000000-0x0000000000000000-disk.dmp

  • memory/1796-2-0x0000000000400000-0x000000000042D000-memory.dmp

    Filesize

    180KB

  • memory/1796-3-0x000000000041E2F0-mapping.dmp