Overview

overview

6

Static

static

6

22cobblere...in.exe

windows7_x64

1

22cobblere...in.exe

windows10_x64

1

Analysis

  • max time kernel
    27s
  • max time network
    26s
  • platform
    windows7_x64
  • resource
    win7
  • submitted
    14/09/2020, 17:36

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    22cobblerelfs3232.bin.exe

  • Size

    5.2MB

  • MD5

    4ee6e29fa26f2c3f08c0137daf31cc61

  • SHA1

    3443d69f201ceefa69c72b9881c19dbd8fcbd5af

  • SHA256

    b226c3b4d8634f9ede3d526c5ee287287c20cf7173154c4db64ec5235800ddcd

  • SHA512

    08c7ced260360f66b3a8fb54d6ab64a47e6ecdea95f9fab3e8a38f8fd4b5b6010c3f961475399d12e1c9026bbf9ec23027781624a9bb3cda1666477e8153be6b

Score
1/10

Malware Config

Signatures

  • Gathers system information 1 TTPs 1 IoCs

    Runs systeminfo.exe.

  • GoLang User-Agent 1 IoCs

    Uses default user-agent string defined by GoLang HTTP packages.

  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\22cobblerelfs3232.bin.exe
    "C:\Users\Admin\AppData\Local\Temp\22cobblerelfs3232.bin.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1100
    • C:\Windows\SysWOW64\Systeminfo.exe
      Systeminfo
      2⤵
      • Gathers system information
      PID:1636

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/1100-0-0x0000000000400000-0x0000000000957000-memory.dmp

    Filesize

    5.3MB

    Download