Overview

overview

8

Static

static

3aa3a9ea48...b0.exe

windows7-x64

8

3aa3a9ea48...b0.exe

windows10-2004-x64

3

Analysis

  • max time kernel
    38s
  • max time network
    46s
  • platform
    windows7_x64
  • resource
    win7-20220812-en
  • resource tags

    arch:x64arch:x86image:win7-20220812-enlocale:en-usos:windows7-x64system
  • submitted
    28-10-2022 22:37

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    3aa3a9ea48610fc549168e531120d975ce2ccfb76bc5d9df508badbd4b5240b0.exe

  • Size

    43KB

  • MD5

    088cf34356cc5d4a5d65641f9b783660

  • SHA1

    771910265a4f91542bafcd16b3b010cb7e95572c

  • SHA256

    3aa3a9ea48610fc549168e531120d975ce2ccfb76bc5d9df508badbd4b5240b0

  • SHA512

    8fc9c785d1ee17ef276461a8e6b49ad61aed3e8c405852a259d5f01db65a4bc9710550dce1b2ccc00d6b9f96944160c2936bf7b844b952af49995454eb445def

  • SSDEEP

    768:xSPKF8HpAbPSmOcfI3rG9VTvf2mh5R1v6HVjHzsqvtq1hlVx1peBN7+TkiHCCjP:1bVT+Ymp/2h8BGHCCrk

Score
8/10
evasion

Malware Config

Signatures

Processes

  • C:\Users\Admin\AppData\Local\Temp\3aa3a9ea48610fc549168e531120d975ce2ccfb76bc5d9df508badbd4b5240b0.exe
    "C:\Users\Admin\AppData\Local\Temp\3aa3a9ea48610fc549168e531120d975ce2ccfb76bc5d9df508badbd4b5240b0.exe"
    1⤵
      PID:1776
      • C:\Users\Admin\AppData\Local\Temp\system32.exe
        "C:\Users\Admin\AppData\Local\Temp\system32.exe"
        2⤵
          PID:1544
      • C:\Windows\SysWOW64\netsh.exe
        netsh firewall add allowedprogram "C:\Users\Admin\AppData\Local\Temp\system32.exe" "system32.exe" ENABLE
        1⤵
        • Modifies Windows Firewall
        PID:1424

      Network

      MITRE ATT&CK Enterprise v6

      Replay Monitor

      Loading Replay Monitor...

      Downloads

      • C:\Users\Admin\AppData\Local\Temp\system32.exe
        Filesize

        3KB

        MD5

        e9ce02869d41db716f9543ef24befeeb

        SHA1

        9fdcfd1d22926c4bc1e099014241a2a83ac31ab5

        SHA256

        2ee91bf20b874e67bebdd676c00d6bfe95835fc78a73c7a01e7e099ee7727ff3

        SHA512

        27e90911708c8ce83904a0ee9c2009e99f8c78dfb0e66242db692a28bcc03c6c0f89ac8a1a3c4fcf71ea9333b63c3bf666cadb37a533e68601e7ff81faaccf27

        Download Submit

      • C:\Users\Admin\AppData\Local\Temp\system32.exe
        Filesize

        17KB

        MD5

        cfcdf41faf082d9c55757267fcba0f40

        SHA1

        2066aa61dcdddecd33c7504a14c801b417453787

        SHA256

        dedc9bfcd85e0b2617d510db20a050a705a9b6b31424a72ab29898696f63a596

        SHA512

        ff9da631e0586bd97679797d3a49545cc54621479c5bed634bd4b2a5396cc99f340c90167f3cecf1f9b58f61154f21f6f2e0adc7867653aa648f5bde79a71f63

        Download Submit

      • \Users\Admin\AppData\Local\Temp\system32.exe
        Filesize

        6KB

        MD5

        ca07dc516f8e33970f91537b4bfd0c7e

        SHA1

        87b5c1cb5666d4313a6d55a7c47b0c7bd241ec0c

        SHA256

        58a4495cf51217f04e8c6028fa9df6c70ed04e257cee7159ab868a271a6afd82

        SHA512

        4794cc128b42bc95761d17ade209100dce0498110da6fa00806ab58529e0ac9ce54e64a4c2d5cc9df8bc1638971a257fc3d8151b627a4d9413f5bc97c408c517

        Download Submit

      • memory/1544-62-0x00000000740B0000-0x000000007465B000-memory.dmp

        Filesize

        5.7MB

        Download

      • memory/1776-54-0x0000000075DF1000-0x0000000075DF3000-memory.dmp

        Filesize

        8KB

        Download

      • memory/1776-61-0x00000000740B0000-0x000000007465B000-memory.dmp

        Filesize

        5.7MB

        Download