Overview

overview

4

Static

static

15d9bc0a3b...5c.exe

windows7-x64

4

15d9bc0a3b...5c.exe

windows10-2004-x64

4

Analysis

  • max time kernel
    41s
  • max time network
    46s
  • platform
    windows7_x64
  • resource
    win7-20220812-en
  • resource tags

    arch:x64arch:x86image:win7-20220812-enlocale:en-usos:windows7-x64system
  • submitted
    20/10/2022, 00:23

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    15d9bc0a3b8543327ddf0e2236b52fdcddbedf3744a5b40fb162addf17d5d25c.exe

  • Size

    84KB

  • MD5

    a0b001b95589201f9740ab2a1eb803f8

  • SHA1

    5338c5892f37e25afedf173383746f4c4cc3fe23

  • SHA256

    15d9bc0a3b8543327ddf0e2236b52fdcddbedf3744a5b40fb162addf17d5d25c

  • SHA512

    08dc96f20a71b0787cf2b758671fa9935670fb0559160757a22776f5c478558e40eb991bf86c8730db514845751dff41cf2564c700d0b3f16408695191663bb1

  • SSDEEP

    1536:qwm8nBjqs32bxPpBRy32Z6gJlyiKqVo6EUi:5m8nBjTmbxRBRN6WYiKqVo6Zi

Score
4/10

Malware Config

Signatures

  • Drops file in Windows directory 4 IoCs
  • Suspicious behavior: EnumeratesProcesses 1 IoCs
  • Suspicious use of WriteProcessMemory 1 IoCs

Processes

  • C:\Windows\Explorer.EXE
    C:\Windows\Explorer.EXE
    1⤵
      PID:1288
      • C:\Users\Admin\AppData\Local\Temp\15d9bc0a3b8543327ddf0e2236b52fdcddbedf3744a5b40fb162addf17d5d25c.exe
        "C:\Users\Admin\AppData\Local\Temp\15d9bc0a3b8543327ddf0e2236b52fdcddbedf3744a5b40fb162addf17d5d25c.exe"
        2⤵
        • Drops file in Windows directory
        • Suspicious behavior: EnumeratesProcesses
        • Suspicious use of WriteProcessMemory
        PID:1976

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads