Overview

overview

4

Static

static

e202763dc4...28.exe

windows7-x64

4

e202763dc4...28.exe

windows10-2004-x64

4

Analysis

  • max time kernel
    14s
  • max time network
    17s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220812-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system
  • submitted
    30-10-2022 14:13

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    e202763dc4101d3530c224cce90eb69665ad71a57831252f4fb4a23c08a59228.exe

  • Size

    84KB

  • MD5

    a2f56b3c2e094c9e6328dff930c4ce60

  • SHA1

    6588cebc1fb8e3014ea2e0ed639fd6c648833d34

  • SHA256

    e202763dc4101d3530c224cce90eb69665ad71a57831252f4fb4a23c08a59228

  • SHA512

    dd2dfff82811006b315baf847a7be0e130cd356730789604599ad97fb58f1ee96781351c48c8ad4c6a72a8d04cee2d77bb8579a5f680b6d5dde80bd01cf259d9

  • SSDEEP

    1536:qwm8nBjqs32bxPpBRy32Z6gJlyiKqVo6EUR:5m8nBjTmbxRBRN6WYiKqVo6ZR

Score
4/10

Malware Config

Signatures

  • Drops file in Windows directory 4 IoCs
  • Suspicious behavior: EnumeratesProcesses 2 IoCs
  • Suspicious use of WriteProcessMemory 1 IoCs

Processes

  • C:\Windows\Explorer.EXE
    C:\Windows\Explorer.EXE
    1⤵
      PID:2688
      • C:\Users\Admin\AppData\Local\Temp\e202763dc4101d3530c224cce90eb69665ad71a57831252f4fb4a23c08a59228.exe
        "C:\Users\Admin\AppData\Local\Temp\e202763dc4101d3530c224cce90eb69665ad71a57831252f4fb4a23c08a59228.exe"
        2⤵
        • Drops file in Windows directory
        • Suspicious behavior: EnumeratesProcesses
        • Suspicious use of WriteProcessMemory
        PID:3896

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads