Overview

overview

7

Static

static

8c6477d245...ed.exe

windows7-x64

7

8c6477d245...ed.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    427s
  • max time network
    431s
  • platform
    windows7_x64
  • resource
    win7-20220901-en
  • resource tags

    arch:x64arch:x86image:win7-20220901-enlocale:en-usos:windows7-x64system
  • submitted
    27/10/2022, 06:14

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    8c6477d2457a28f715a34e9501d2bf06a17518adefb65910fd644543d91f472f_unpacked.exe

  • Size

    124KB

  • MD5

    b91344a1186930816070e8f8ee7b101f

  • SHA1

    b5b1c5ad7875483bed35cf5ded55b4be157062c2

  • SHA256

    25dd5de402dbcd1715b11d9946c64abfe8bf06ae1e4aa483233fb46594b84215

  • SHA512

    572adb51c681ca9da16d530a649480d812e0d1cf6a4ba501bdf4592fcf7403423f4d86930fac7f63cd1b2d0cfe6b233a0104e11d08da63f122f929c45c667016

  • SSDEEP

    3072:USmNvn/TnyFhkRuqzTmSkgGvm9cakCNKTU6TBf5PTh:USmN//TyezTjk8iJY6TBRP

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Suspicious use of WriteProcessMemory 5 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\8c6477d2457a28f715a34e9501d2bf06a17518adefb65910fd644543d91f472f_unpacked.exe
    "C:\Users\Admin\AppData\Local\Temp\8c6477d2457a28f715a34e9501d2bf06a17518adefb65910fd644543d91f472f_unpacked.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1308
    • C:\Windows\SysWOW64\explorer.exe
      explorer.exe
      2⤵
      • Deletes itself
      PID:1148

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/1148-57-0x0000000074641000-0x0000000074643000-memory.dmp

    Filesize

    8KB

    Download

  • memory/1148-58-0x0000000000710000-0x0000000000991000-memory.dmp

    Filesize

    2.5MB

    Download

  • memory/1148-59-0x0000000000580000-0x00000000005A6000-memory.dmp

    Filesize

    152KB

    Download

  • memory/1148-60-0x0000000000580000-0x00000000005A6000-memory.dmp

    Filesize

    152KB

    Download

  • memory/1308-54-0x0000000074DA1000-0x0000000074DA3000-memory.dmp

    Filesize

    8KB

    Download