Overview

overview

8

Static

static

8

9738c7021f...46.exe

windows7_x64

8

9738c7021f...46.exe

windows10_x64

5

Analysis

  • max time kernel
    13s
  • max time network
    110s
  • platform
    windows10_x64
  • resource
    win10v20201028
  • submitted
    05-04-2021 00:53

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    9738c7021fdded8bb03e1588d17386dc175328630ecb0f1a3d671dfc4fb18d46.exe

  • Size

    269KB

  • MD5

    ba28a06e2aae1052319541d4124122c5

  • SHA1

    20613e49ee5b14dc04c7b045900f1d0e1b4173be

  • SHA256

    9738c7021fdded8bb03e1588d17386dc175328630ecb0f1a3d671dfc4fb18d46

  • SHA512

    9aaaa26c106043d56c48f89b3dd7b84ba9bbf7951c5e82a622d0eb93169e9520643bd5cb6b49dbd1cce7f5cd776e6b62b855266c099304acd3b9faa703187f25

Score
5/10

Malware Config

Signatures

  • Suspicious use of SetThreadContext 1 IoCs
  • Suspicious use of WriteProcessMemory 8 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\9738c7021fdded8bb03e1588d17386dc175328630ecb0f1a3d671dfc4fb18d46.exe
    "C:\Users\Admin\AppData\Local\Temp\9738c7021fdded8bb03e1588d17386dc175328630ecb0f1a3d671dfc4fb18d46.exe"
    1⤵
    • Suspicious use of SetThreadContext
    • Suspicious use of WriteProcessMemory
    PID:3996
    • C:\Users\Admin\AppData\Local\Temp\9738c7021fdded8bb03e1588d17386dc175328630ecb0f1a3d671dfc4fb18d46.exe
      C:\Users\Admin\AppData\Local\Temp\9738c7021fdded8bb03e1588d17386dc175328630ecb0f1a3d671dfc4fb18d46.exe
      2⤵
        PID:2096

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/2096-3-0x0000000000400000-0x0000000000427000-memory.dmp
      Filesize

      156KB

      Download
    • memory/2096-4-0x000000000041D522-mapping.dmp
      Download
    • memory/2096-5-0x0000000000400000-0x0000000000427000-memory.dmp
      Filesize

      156KB

      Download
    • memory/3996-2-0x0000000000A20000-0x0000000000A21000-memory.dmp
      Filesize

      4KB

      Download