Overview

overview

1

Static

static

a9471a5eef...d1.exe

windows7-x64

1

a9471a5eef...d1.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    90s
  • max time network
    154s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220901-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20220901-enlocale:en-usos:windows10-2004-x64system
  • submitted
    20-10-2022 01:13

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    a9471a5eef4c8a63dc694a09240f6ee5b8de31d0a15a4cfcbe1cdce0f9a14ad1.exe

  • Size

    28KB

  • MD5

    911accd7331bb24b3c2273da75ae02c9

  • SHA1

    0b8b0ea7e756baffe0a19bdbed791febee355ead

  • SHA256

    a9471a5eef4c8a63dc694a09240f6ee5b8de31d0a15a4cfcbe1cdce0f9a14ad1

  • SHA512

    3dc056a04a2fc22bd3455cc39b90da5768c74f9022b48f41edb1f950814e1a36330c823453ff1a4e21d7f8ce09f0b51331ff4129cff55c92aaf7c649e009596d

  • SSDEEP

    384:UmOyMLjKMPH1Dxw7ZA8l9ZoA7k+w9G5hmssR0IkR46nzojn8mgRRtssIeo/r5J1m:hUjKVjl9xw3x6nz7vj1wrU

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: EnumeratesProcesses 4 IoCs
  • Suspicious use of WriteProcessMemory 6 IoCs

Processes

  • C:\Windows\Explorer.EXE
    C:\Windows\Explorer.EXE
    1⤵
      PID:760
      • C:\Users\Admin\AppData\Local\Temp\a9471a5eef4c8a63dc694a09240f6ee5b8de31d0a15a4cfcbe1cdce0f9a14ad1.exe
        "C:\Users\Admin\AppData\Local\Temp\a9471a5eef4c8a63dc694a09240f6ee5b8de31d0a15a4cfcbe1cdce0f9a14ad1.exe"
        2⤵
        • Suspicious behavior: EnumeratesProcesses
        • Suspicious use of WriteProcessMemory
        PID:1900

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/760-134-0x000000007FFC0000-0x000000007FFC6000-memory.dmp

      Filesize

      24KB

      Download

    • memory/1900-132-0x0000000000400000-0x0000000000409000-memory.dmp

      Filesize

      36KB

      Download

    • memory/1900-133-0x0000000010000000-0x0000000010011000-memory.dmp

      Filesize

      68KB

      Download