Overview

overview

10

Static

static

10

7zS850A099...ed.exe

windows7_x64

10

7zS850A099...ed.exe

windows10-2004_x64

10

7zS850A099...1a.exe

windows7_x64

10

7zS850A099...1a.exe

windows10-2004_x64

1

7zS850A099...b7.exe

windows7_x64

10

7zS850A099...b7.exe

windows10-2004_x64

10

7zS850A099...5e.exe

windows7_x64

10

7zS850A099...5e.exe

windows10-2004_x64

10

7zS850A099...a0.exe

windows7_x64

10

7zS850A099...a0.exe

windows10-2004_x64

10

7zS850A099...95.exe

windows7_x64

7

7zS850A099...95.exe

windows10-2004_x64

7

7zS850A099...cb.exe

windows7_x64

10

7zS850A099...cb.exe

windows10-2004_x64

1

7zS850A099...58.exe

windows7_x64

7

7zS850A099...58.exe

windows10-2004_x64

1

7zS850A099...7f.exe

windows7_x64

7

7zS850A099...7f.exe

windows10-2004_x64

1

7zS850A099...32.exe

windows7_x64

7

7zS850A099...32.exe

windows10-2004_x64

7

7zS850A099...c3.exe

windows7_x64

8

7zS850A099...c3.exe

windows10-2004_x64

8

7zS850A099...e9.exe

windows7_x64

6

7zS850A099...e9.exe

windows10-2004_x64

6

7zS850A099...8c.exe

windows7_x64

8

7zS850A099...8c.exe

windows10-2004_x64

1

7zS850A099...8c.exe

windows7_x64

10

7zS850A099...8c.exe

windows10-2004_x64

10

7zS850A099...ll.exe

windows7_x64

10

7zS850A099...ll.exe

windows10-2004_x64

1

Analysis

  • max time kernel
    151s
  • max time network
    155s
  • platform
    windows7_x64
  • resource
    win7-en-20211208
  • submitted
    19-01-2022 08:10

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    7zS850A099E/61e7502b8389b_Tue233252e9.exe

  • Size

    362KB

  • MD5

    bd97b9bdb9e842a76d084d9aae2157dc

  • SHA1

    05855bb520005e4105f053d40c464cb8c7b2f2d0

  • SHA256

    c739d1ae35aa6c63fb6f07b529bd25f77aad42260ed8a95a69487216fbb2b718

  • SHA512

    3e5112f757f7e54399b14d4a00c695a1268f1cf4534db95fa3e7529c437add41b4cf5429747635c16d8fbe1c0123e4522a8b08867ede9de3b5c73b75987a2c32

Score
6/10

Malware Config

Signatures

Processes

  • C:\Users\Admin\AppData\Local\Temp\7zS850A099E\61e7502b8389b_Tue233252e9.exe
    "C:\Users\Admin\AppData\Local\Temp\7zS850A099E\61e7502b8389b_Tue233252e9.exe"
    1⤵
      PID:1692

    Network

    MITRE ATT&CK Matrix ATT&CK v6

    Initial Access

    Execution

    Persistence

    Privilege Escalation

    Defense Evasion

    Credential Access

    Discovery

    Lateral Movement

    Collection

    Exfiltration

    Command and Control

    Web Service

    1
    T1102

    Impact

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/1692-54-0x0000000075D51000-0x0000000075D53000-memory.dmp
      Filesize

      8KB

      Download
    • memory/1692-55-0x0000000000020000-0x0000000000040000-memory.dmp
      Filesize

      128KB

      Download
    • memory/1692-56-0x00000000002C0000-0x00000000002F8000-memory.dmp
      Filesize

      224KB

      Download
    • memory/1692-57-0x0000000000400000-0x0000000000462000-memory.dmp
      Filesize

      392KB

      Download