Analysis
-
max time kernel
138s -
max time network
11s -
platform
windows7_x64 -
resource
win7v20201028 -
submitted
13-01-2021 07:11
Static task
static1
Behavioral task
behavioral1
Sample
b604247ade575ac39bc1597c9bdc3164.exe
Resource
win7v20201028
0 signatures
0 seconds
General
-
Target
b604247ade575ac39bc1597c9bdc3164.exe
-
Size
898KB
-
MD5
b604247ade575ac39bc1597c9bdc3164
-
SHA1
bb678d0aabb6200092bfb60234c15d46b7b9ab55
-
SHA256
7f0f65f78d6fe0a0e7eb8771be51e8b3cf86a5bef749eafe8d56d99b13cdc51a
-
SHA512
e2ead1d0d6c7a86b9cb41a524bfb656264336adf4244fdbe6b54e340958b4aec48afae26f6b429beaa6ba0855f8d246f4f869b9a113cd5a2f536e18ed58904fe
Score
1/10
Malware Config
Signatures
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes:
b604247ade575ac39bc1597c9bdc3164.exedescription pid process target process PID 1048 wrote to memory of 1584 1048 b604247ade575ac39bc1597c9bdc3164.exe cmd.exe PID 1048 wrote to memory of 1584 1048 b604247ade575ac39bc1597c9bdc3164.exe cmd.exe PID 1048 wrote to memory of 1584 1048 b604247ade575ac39bc1597c9bdc3164.exe cmd.exe PID 1048 wrote to memory of 1584 1048 b604247ade575ac39bc1597c9bdc3164.exe cmd.exe