Overview

overview

10

Static

static

1160b80cc2...31.exe

windows7_x64

5

1160b80cc2...31.exe

windows10-2004_x64

10

Analysis

  • max time kernel
    144s
  • max time network
    49s
  • platform
    windows7_x64
  • resource
    win7-20220414-en
  • submitted
    23-05-2022 21:29

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    1160b80cc2c29c2d8f539db5f2cf462e22d18a844c209efc1acee557abfb9531.exe

  • Size

    1.2MB

  • MD5

    0f7bd05b30f126179999b60c1a107fa9

  • SHA1

    7349ecdca693a8a6805181c4e85f5bd82737b50a

  • SHA256

    1160b80cc2c29c2d8f539db5f2cf462e22d18a844c209efc1acee557abfb9531

  • SHA512

    dabe3688f90256d5b33749c5d329ced04d2419724b44477c9314ab09f7716e506e9c7d00f6c348d422068277972c015b10de43109955eb46ab307c5c4b2ba037

Score
5/10

Malware Config

Signatures

  • Suspicious use of SetThreadContext 1 IoCs
  • Suspicious behavior: EnumeratesProcesses 1 IoCs
  • Suspicious behavior: MapViewOfSection 2 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\1160b80cc2c29c2d8f539db5f2cf462e22d18a844c209efc1acee557abfb9531.exe
    "C:\Users\Admin\AppData\Local\Temp\1160b80cc2c29c2d8f539db5f2cf462e22d18a844c209efc1acee557abfb9531.exe"
    1⤵
    • Suspicious use of SetThreadContext
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious behavior: MapViewOfSection
    • Suspicious use of WriteProcessMemory
    PID:884
    • C:\Users\Admin\AppData\Local\Temp\1160b80cc2c29c2d8f539db5f2cf462e22d18a844c209efc1acee557abfb9531.exe
      "C:\Users\Admin\AppData\Local\Temp\1160b80cc2c29c2d8f539db5f2cf462e22d18a844c209efc1acee557abfb9531.exe"
      2⤵
        PID:2028

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/884-54-0x0000000075801000-0x0000000075803000-memory.dmp

      Filesize

      8KB

      Download

    • memory/884-55-0x0000000000400000-0x0000000000543000-memory.dmp

      Filesize

      1.3MB

      Download

    • memory/2028-58-0x0000000001E70000-0x0000000001F00000-memory.dmp

      Filesize

      576KB

      Download

    • memory/2028-57-0x0000000001E70000-0x0000000001F00000-memory.dmp

      Filesize

      576KB

      Download

    • memory/2028-60-0x0000000074AC0000-0x000000007506B000-memory.dmp

      Filesize

      5.7MB

      Download