Overview

overview

10

Static

static

Skype-8.87.0.406.exe

windows7-x64

10

Skype-8.87.0.406.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    143s
  • max time network
    507s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220812-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system
  • submitted
    16-08-2022 08:24

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Skype-8.87.0.406.exe

  • Size

    84.9MB

  • MD5

    6a52b4efb00ea46c34f924acc2b2e289

  • SHA1

    feecc09bf944b9e663acdd2aa07e36f4f3b2a5ce

  • SHA256

    5b0dc5071cf7fdc13f1b2e10ef06c1161be85aec193ea7dd5ac8c60738fd6d5f

  • SHA512

    0081cbab52198a6ce08c52da51138ad653614e131542d533c68d57ab36c7d3d816bad61f622b8c3cbaf519e074c695837c1a02efbad928cb917a3af93e696046

Score
8/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\Skype-8.87.0.406.exe
    "C:\Users\Admin\AppData\Local\Temp\Skype-8.87.0.406.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:5044
    • C:\Users\Admin\AppData\Local\Temp\is-CDKQM.tmp\Skype-8.87.0.406.tmp
      "C:\Users\Admin\AppData\Local\Temp\is-CDKQM.tmp\Skype-8.87.0.406.tmp" /SL5="$B0046,88396875,404480,C:\Users\Admin\AppData\Local\Temp\Skype-8.87.0.406.exe"
      2⤵
      • Executes dropped EXE
      PID:2876

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\is-CDKQM.tmp\Skype-8.87.0.406.tmp
    Filesize

    1.4MB

    MD5

    4a5076a8fb16791787211b614d4fb9e8

    SHA1

    cfc1c4c9cc1a5b150d0b390cdc4cef3a6eb02006

    SHA256

    2f4cf46a9d3573f0083384d08c18c119a9ca29bc6e9ab5bee7abc1db0a2b773d

    SHA512

    897f8c49e63e9df627f390edea7ffe8bd21f8a4425101ae505257b274082e175631a5cfb73e6a0bea771716e2054389d93d5c63a5c0a19f087bd5f23fef40204

    Download Submit

  • memory/5044-132-0x0000000000400000-0x000000000046D000-memory.dmp

    Filesize

    436KB

    Download

  • memory/5044-134-0x0000000000400000-0x000000000046D000-memory.dmp

    Filesize

    436KB

    Download

  • memory/5044-137-0x0000000000400000-0x000000000046D000-memory.dmp

    Filesize

    436KB

    Download