Overview

overview

8

Static

static

009a83236c...31.exe

windows7_x64

8

009a83236c...31.exe

windows10-2004_x64

8

Analysis

  • max time kernel
    45s
  • max time network
    49s
  • platform
    windows7_x64
  • resource
    win7-20220414-en
  • submitted
    24-05-2022 13:11

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    009a83236c600fd7ac034973f064284cec62f86631fe96e900cb664f86061431.exe

  • Size

    190KB

  • MD5

    2a4419024f501d168864771a38f85b8d

  • SHA1

    760c1466a8692be40614a3a21c6b5897be764ef1

  • SHA256

    009a83236c600fd7ac034973f064284cec62f86631fe96e900cb664f86061431

  • SHA512

    7cf472e20a1235de2ef4f31950bd8decf5036b0f42917c54b38f6212287a38b4a2057044fb76b9150de3608f3147d14447a74d19fe8514b42cf0bf92f103fa6c

Score
8/10

Malware Config

Signatures

  • Drops file in Drivers directory 2 IoCs
  • Executes dropped EXE 1 IoCs
  • Drops file in System32 directory 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\009a83236c600fd7ac034973f064284cec62f86631fe96e900cb664f86061431.exe
    "C:\Users\Admin\AppData\Local\Temp\009a83236c600fd7ac034973f064284cec62f86631fe96e900cb664f86061431.exe"
    1⤵
    • Drops file in Drivers directory
    PID:1648
  • C:\Windows\SysWOW64\drivers\svchost.exe
    C:\Windows\SysWOW64\drivers\svchost.exe
    1⤵
    • Executes dropped EXE
    • Drops file in System32 directory
    PID:1928

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Windows\SysWOW64\drivers\svchost.exe
    Filesize

    190KB

    MD5

    2a4419024f501d168864771a38f85b8d

    SHA1

    760c1466a8692be40614a3a21c6b5897be764ef1

    SHA256

    009a83236c600fd7ac034973f064284cec62f86631fe96e900cb664f86061431

    SHA512

    7cf472e20a1235de2ef4f31950bd8decf5036b0f42917c54b38f6212287a38b4a2057044fb76b9150de3608f3147d14447a74d19fe8514b42cf0bf92f103fa6c

    Download Submit
  • memory/1648-54-0x0000000075BA1000-0x0000000075BA3000-memory.dmp
    Filesize

    8KB

    Download