Analysis

  • max time kernel
    36s
  • max time network
    44s
  • platform
    windows7_x64
  • resource
    win7-20220812-en
  • resource tags

    arch:x64 arch:x86 image:win7-20220812-en locale:en-us os:windows7-x64 system
  • submitted
    19/09/2022, 19:32

General

  • Target

    2e839a25cb543f914301dc82199cad93b364494bc0474713f82f2bf522fbe15f.exe

  • Size

    132KB

  • MD5

    823298b33117918a7900807bd26c6207

  • SHA1

    4069e0578c8e928f98df4317337323d3de72d6b0

  • SHA256

    2e839a25cb543f914301dc82199cad93b364494bc0474713f82f2bf522fbe15f

  • SHA512

    95e5cc9fe06dbc47eba56ecb26ef1c00a4905b0aaad3a51dff218cc7c0fece8ed63edf636f4216f4a28f0e18d5133fb215cea7bab4530b2ef2de889debd26716

  • SSDEEP

    3072:6WdcEE1cMy8QYvtg8lwdC8ifg6nzDqcvU:/nMWYauwdgPnPqB

Score
1/10

Malware Config

Signatures

  • Suspicious use of UnmapMainImage 1 IoCs
  • Suspicious use of WriteProcessMemory 2 IoCs

Processes

  • C:\Windows\Explorer.EXE
    C:\Windows\Explorer.EXE
    1⤵
      PID:1212
      • C:\Users\Admin\AppData\Local\Temp\2e839a25cb543f914301dc82199cad93b364494bc0474713f82f2bf522fbe15f.exe
        "C:\Users\Admin\AppData\Local\Temp\2e839a25cb543f914301dc82199cad93b364494bc0474713f82f2bf522fbe15f.exe"
        2⤵
        • Suspicious use of UnmapMainImage
        • Suspicious use of WriteProcessMemory
        PID:1132

    Network

    MITRE ATT&CK Matrix

    Downloads

    • memory/1132-58-0x0000000000400000-0x0000000000418000-memory.dmp

      Filesize

      96KB

    • memory/1212-56-0x0000000002960000-0x000000000296C000-memory.dmp

      Filesize

      48KB

    • memory/1212-54-0x0000000002960000-0x000000000296C000-memory.dmp

      Filesize

      48KB