Overview

overview

5

Static

static

1fb33425fc...64.exe

windows7-x64

5

1fb33425fc...64.exe

windows10-2004-x64

5

Analysis

  • max time kernel
    91s
  • max time network
    152s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220901-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20220901-enlocale:en-usos:windows10-2004-x64system
  • submitted
    29/10/2022, 00:57 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    1fb33425fc382402c4a035d3e112034ccbaee97a9464c192d270c9698c32b064.exe

  • Size

    563KB

  • MD5

    0b14c281ea491533e4e3e5ba87e49c06

  • SHA1

    26ae8346f5766175eeb3598c918ce7b45d7fd0c7

  • SHA256

    1fb33425fc382402c4a035d3e112034ccbaee97a9464c192d270c9698c32b064

  • SHA512

    740a0ced76accf233507da7e729c4f78b68dba4a24898d19f3a716c7dc9c800e1302e4a76bbfb7c5b3b006b7ef5b076fa2f245e0385e11b742ccb8c4ee2cef52

  • SSDEEP

    12288:+UjRSRMmZnOblCW9K00yj8nesP+jZLrm20Exro8AYeGXcYuecsKMOsd:+UjRSR3BkcWgnes2jd3kFYp29MOq

Score
5/10

Malware Config

Signatures

  • Suspicious use of SetThreadContext 1 IoCs
  • Suspicious behavior: EnumeratesProcesses 4 IoCs
  • Suspicious use of WriteProcessMemory 11 IoCs

Processes

  • C:\Windows\Explorer.EXE
    C:\Windows\Explorer.EXE
    1⤵
      PID:3092
      • C:\Users\Admin\AppData\Local\Temp\1fb33425fc382402c4a035d3e112034ccbaee97a9464c192d270c9698c32b064.exe
        "C:\Users\Admin\AppData\Local\Temp\1fb33425fc382402c4a035d3e112034ccbaee97a9464c192d270c9698c32b064.exe"
        2⤵
        • Suspicious use of SetThreadContext
        • Suspicious use of WriteProcessMemory
        PID:2168
        • C:\Users\Admin\AppData\Local\Temp\1fb33425fc382402c4a035d3e112034ccbaee97a9464c192d270c9698c32b064.exe
          C:\Users\Admin\AppData\Local\Temp\1fb33425fc382402c4a035d3e112034ccbaee97a9464c192d270c9698c32b064.exe
          3⤵
          • Suspicious behavior: EnumeratesProcesses
          • Suspicious use of WriteProcessMemory
          PID:4928

    Network

      No results found
    • 209.197.3.8:80
      322 B
       7
    • 2.18.109.224:443
      322 B
       7
    • 52.109.8.44:443
      40 B
       1
    • 209.197.3.8:80
      322 B
       7
    • 209.197.3.8:80
      322 B
       7
    No results found

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/2168-132-0x0000000000400000-0x0000000000551000-memory.dmp

      Filesize

      1.3MB

      Download

    • memory/2168-138-0x0000000000400000-0x0000000000551000-memory.dmp

      Filesize

      1.3MB

      Download

    • memory/3092-140-0x000000007FFF0000-0x000000007FFF7000-memory.dmp

      Filesize

      28KB

      Download

    • memory/4928-134-0x0000000000400000-0x0000000000409000-memory.dmp

      Filesize

      36KB

      Download

    • memory/4928-135-0x0000000000400000-0x0000000000409000-memory.dmp

      Filesize

      36KB

      Download

    • memory/4928-139-0x0000000000400000-0x0000000000408960-memory.dmp

      Filesize

      34KB

      Download

    • memory/4928-141-0x0000000010000000-0x0000000010013000-memory.dmp

      Filesize

      76KB

      Download

    We care about your privacy.

    This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.