Overview

overview

5

Static

static

uncategori...ir.exe

windows7_x64

5

uncategori...ir.exe

windows10_x64

1

Analysis

  • max time kernel
    113s
  • max time network
    119s
  • platform
    windows7_x64
  • resource
    win7
  • submitted
    19-07-2020 19:28

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    uncategorized_1.5.1.1.vir.exe

  • Size

    134KB

  • MD5

    a2f116fccefd39f846fbbfe9325877eb

  • SHA1

    a42450003c23c45418e51ee178a1c3f4bf362bee

  • SHA256

    029e74511e4ad5a9272ad4c73b81bfa0c1e3330f436c81133f280024b406b76c

  • SHA512

    ad1cd770dd5107380e418de7fee594c22edf3d0e5fb835a6f1e2245cad679787a60a9ee4f51fec2864988fdfc2833f20f287fcb7bce8cb79996a65a6da70407c

Score
5/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 9 IoCs
  • Suspicious use of SetThreadContext 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\uncategorized_1.5.1.1.vir.exe
    "C:\Users\Admin\AppData\Local\Temp\uncategorized_1.5.1.1.vir.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    • Suspicious use of SetThreadContext
    PID:1460
    • C:\Users\Admin\AppData\Local\Temp\uncategorized_1.5.1.1.vir.exe
      "C:\Users\Admin\AppData\Local\Temp\uncategorized_1.5.1.1.vir.exe"
      2⤵
        PID:1564

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/1564-0-0x0000000000400000-0x000000000041A000-memory.dmp
      Filesize

      104KB

      Download
    • memory/1564-1-0x000000000040C3D7-mapping.dmp
      Download
    • memory/1564-2-0x0000000000400000-0x000000000041A000-memory.dmp
      Filesize

      104KB

      Download