bd024a2d3614619580133f7b37229fc02ddc33cbec6dedd2d2354ee2aee4625e

Resubmissions

08/09/2022, 11:31

220908-nm8khaedh6 1

Analysis

max time kernel
17s
platform
windows7_x64
resource
win7-20220812-en
resource tags

arch:x64arch:x86image:win7-20220812-enlocale:en-usos:windows7-x64system
submitted
08/09/2022, 11:31

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

injector.exe
Size

16KB
MD5

c1abd742955d66bc6432dbfe00ba0f7d
SHA1

7dcb4f0fb56488db3f62cc80935ff1adae579b18
SHA256

bd024a2d3614619580133f7b37229fc02ddc33cbec6dedd2d2354ee2aee4625e
SHA512

a06830d5a2293a698e37a338804812e9f7863f577475b626c7b487c530315f4488d8ea35e3252be24c92ab9a00fe4d43484e78447bd16eed5fe5f9c661afd53c
SSDEEP

384:n4JL552CiFFm9HputtO1fChA0EX8jcmeH0/q+bOGHdVFwC:n4Z2tcNfC+0EXMVlb/Hd

Score

1^/10

Malware Config

Signatures

Suspicious use of WriteProcessMemory 32 IoCs

description	pid	Process	procid_target
PID 1184 wrote to memory of 1860	1184	injector.exe	27
PID 1184 wrote to memory of 1860	1184	injector.exe	27
PID 1184 wrote to memory of 1860	1184	injector.exe	27
PID 1184 wrote to memory of 1860	1184	injector.exe	27
PID 1184 wrote to memory of 1748	1184	injector.exe	28
PID 1184 wrote to memory of 1748	1184	injector.exe	28
PID 1184 wrote to memory of 1748	1184	injector.exe	28
PID 1184 wrote to memory of 1748	1184	injector.exe	28
PID 1184 wrote to memory of 1612	1184	injector.exe	29
PID 1184 wrote to memory of 1612	1184	injector.exe	29
PID 1184 wrote to memory of 1612	1184	injector.exe	29
PID 1184 wrote to memory of 1612	1184	injector.exe	29
PID 1184 wrote to memory of 988	1184	injector.exe	30
PID 1184 wrote to memory of 988	1184	injector.exe	30
PID 1184 wrote to memory of 988	1184	injector.exe	30
PID 1184 wrote to memory of 988	1184	injector.exe	30
PID 1184 wrote to memory of 900	1184	injector.exe	31
PID 1184 wrote to memory of 900	1184	injector.exe	31
PID 1184 wrote to memory of 900	1184	injector.exe	31
PID 1184 wrote to memory of 900	1184	injector.exe	31
PID 1184 wrote to memory of 1128	1184	injector.exe	32
PID 1184 wrote to memory of 1128	1184	injector.exe	32
PID 1184 wrote to memory of 1128	1184	injector.exe	32
PID 1184 wrote to memory of 1128	1184	injector.exe	32
PID 1184 wrote to memory of 944	1184	injector.exe	33
PID 1184 wrote to memory of 944	1184	injector.exe	33
PID 1184 wrote to memory of 944	1184	injector.exe	33
PID 1184 wrote to memory of 944	1184	injector.exe	33
PID 1184 wrote to memory of 2020	1184	injector.exe	34
PID 1184 wrote to memory of 2020	1184	injector.exe	34
PID 1184 wrote to memory of 2020	1184	injector.exe	34
PID 1184 wrote to memory of 2020	1184	injector.exe	34

C:\Users\Admin\AppData\Local\Temp\injector.exe
"C:\Users\Admin\AppData\Local\Temp\injector.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:1184
- C:\Windows\SysWOW64\cmd.exe
  C:\Windows\system32\cmd.exe /c cls
  2⤵
  PID:1860
- C:\Windows\SysWOW64\cmd.exe
  C:\Windows\system32\cmd.exe /c color D
  2⤵
  PID:1748
- C:\Windows\SysWOW64\cmd.exe
  C:\Windows\system32\cmd.exe /c cls
  2⤵
  PID:1612
- C:\Windows\SysWOW64\cmd.exe
  C:\Windows\system32\cmd.exe /c cls
  2⤵
  PID:988
- C:\Windows\SysWOW64\cmd.exe
  C:\Windows\system32\cmd.exe /c color D
  2⤵
  PID:900
- C:\Windows\SysWOW64\cmd.exe
  C:\Windows\system32\cmd.exe /c cls
  2⤵
  PID:1128
- C:\Windows\SysWOW64\cmd.exe
  C:\Windows\system32\cmd.exe /c cls
  2⤵
  PID:944
- C:\Windows\SysWOW64\cmd.exe
  C:\Windows\system32\cmd.exe /c color D
  2⤵
  PID:2020

Resubmissions

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads