Overview

overview

5

Static

static

786908048e...f8.exe

windows7-x64

5

786908048e...f8.exe

windows10-2004-x64

5

Analysis

  • max time kernel
    42s
  • max time network
    45s
  • platform
    windows7_x64
  • resource
    win7-20220812-en
  • resource tags

    arch:x64arch:x86image:win7-20220812-enlocale:en-usos:windows7-x64system
  • submitted
    19/09/2022, 01:56

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    786908048e35f98cc4b95ed07411ea69b1941699950e6ae872bcc2ea74b845f8.exe

  • Size

    448KB

  • MD5

    8b744561e5f41fa77da41d5732d4276e

  • SHA1

    6e574105a3814f47dd76079568c57d433f084b52

  • SHA256

    786908048e35f98cc4b95ed07411ea69b1941699950e6ae872bcc2ea74b845f8

  • SHA512

    9d05738cecf11301cdb5f3740fd0fceb942a52aae5d12d1fb2dd8d9f7fc9e17d3791e19aa98a35378e4c9bad3471c6ab1adb598e18ea4c3c4479301ef6a38ac0

  • SSDEEP

    6144:IAA1Rj5PowUY6IS7dmfNNoTng1TjX3OSnF5vwbPW3jQg664vUyTeRmIG+HgI:IrtPDS7wfInWneSnL2WFjzG+HF

Score
5/10

Malware Config

Signatures

  • Suspicious use of SetThreadContext 1 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs
  • Suspicious use of WriteProcessMemory 10 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\786908048e35f98cc4b95ed07411ea69b1941699950e6ae872bcc2ea74b845f8.exe
    "C:\Users\Admin\AppData\Local\Temp\786908048e35f98cc4b95ed07411ea69b1941699950e6ae872bcc2ea74b845f8.exe"
    1⤵
    • Suspicious use of SetThreadContext
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1648
    • C:\Users\Admin\AppData\Local\Temp\786908048e35f98cc4b95ed07411ea69b1941699950e6ae872bcc2ea74b845f8.exe
      C:\Users\Admin\AppData\Local\Temp\786908048e35f98cc4b95ed07411ea69b1941699950e6ae872bcc2ea74b845f8.exe
      2⤵
        PID:804

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/804-71-0x0000000000400000-0x0000000000412000-memory.dmp

      Filesize

      72KB

      Download

    • memory/804-72-0x0000000075811000-0x0000000075813000-memory.dmp

      Filesize

      8KB

      Download

    • memory/804-58-0x0000000000400000-0x0000000000412000-memory.dmp

      Filesize

      72KB

      Download

    • memory/804-60-0x0000000000400000-0x0000000000412000-memory.dmp

      Filesize

      72KB

      Download

    • memory/804-61-0x0000000000400000-0x0000000000412000-memory.dmp

      Filesize

      72KB

      Download

    • memory/804-63-0x0000000000400000-0x0000000000412000-memory.dmp

      Filesize

      72KB

      Download

    • memory/804-57-0x0000000000400000-0x0000000000412000-memory.dmp

      Filesize

      72KB

      Download

    • memory/804-64-0x0000000000400000-0x0000000000412000-memory.dmp

      Filesize

      72KB

      Download

    • memory/804-74-0x0000000010000000-0x0000000010013000-memory.dmp

      Filesize

      76KB

      Download

    • memory/804-73-0x0000000000400000-0x0000000000412000-memory.dmp

      Filesize

      72KB

      Download

    • memory/1648-68-0x0000000000220000-0x0000000000224000-memory.dmp

      Filesize

      16KB

      Download

    • memory/1648-54-0x0000000000400000-0x0000000000488000-memory.dmp

      Filesize

      544KB

      Download

    • memory/1648-70-0x0000000001F31000-0x0000000001F35000-memory.dmp

      Filesize

      16KB

      Download

    • memory/1648-69-0x0000000000290000-0x00000000002C9000-memory.dmp

      Filesize

      228KB

      Download

    • memory/1648-67-0x0000000000400000-0x0000000000488000-memory.dmp

      Filesize

      544KB

      Download