Overview

overview

4

Static

static

672b54ba5c...f1.exe

windows7-x64

4

672b54ba5c...f1.exe

windows10-2004-x64

4

Analysis

  • max time kernel
    45s
  • max time network
    63s
  • platform
    windows7_x64
  • resource
    win7-20220901-en
  • resource tags

    arch:x64arch:x86image:win7-20220901-enlocale:en-usos:windows7-x64system
  • submitted
    14/10/2022, 09:37

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    672b54ba5c80393fe672edc0bf6567ff44cbfd9b21ba99151f696c79a4e67bf1.exe

  • Size

    84KB

  • MD5

    737604a4f265e4ee351ea83d1fc9608a

  • SHA1

    5fb08540506a251756836b36d881c8057143e761

  • SHA256

    672b54ba5c80393fe672edc0bf6567ff44cbfd9b21ba99151f696c79a4e67bf1

  • SHA512

    5468a43ddd9948ef3da9eb0de6c2c49d66225ec4dc7234cc8ef7a2991a1b30595941c4007b970b20e9224418a3c197280e3e936b37cc613c447400673f86a50a

  • SSDEEP

    1536:qwm8nBjqs32bxPpBRy32Z6gJlyiKqVo6EUc:5m8nBjTmbxRBRN6WYiKqVo6Zc

Score
4/10

Malware Config

Signatures

  • Drops file in Windows directory 4 IoCs
  • Suspicious behavior: EnumeratesProcesses 1 IoCs
  • Suspicious use of WriteProcessMemory 1 IoCs

Processes

  • C:\Windows\Explorer.EXE
    C:\Windows\Explorer.EXE
    1⤵
      PID:1280
      • C:\Users\Admin\AppData\Local\Temp\672b54ba5c80393fe672edc0bf6567ff44cbfd9b21ba99151f696c79a4e67bf1.exe
        "C:\Users\Admin\AppData\Local\Temp\672b54ba5c80393fe672edc0bf6567ff44cbfd9b21ba99151f696c79a4e67bf1.exe"
        2⤵
        • Drops file in Windows directory
        • Suspicious behavior: EnumeratesProcesses
        • Suspicious use of WriteProcessMemory
        PID:1368

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads