Overview

overview

8

Static

static

8

b88ee6faaa...56.exe

windows7-x64

1

b88ee6faaa...56.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    149s
  • max time network
    128s
  • platform
    windows7_x64
  • resource
    win7-20220901-en
  • resource tags

    arch:x64arch:x86image:win7-20220901-enlocale:en-usos:windows7-x64system
  • submitted
    06-11-2022 06:23

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    b88ee6faaa22bac734e043e9c30f03183969f2fec70522d7b6cc37ca323df656.exe

  • Size

    73KB

  • MD5

    229bb626f6395e60712626a99c7bc94c

  • SHA1

    30aa0cd93b7160215d9ffaa513624eec5e2c64fb

  • SHA256

    b88ee6faaa22bac734e043e9c30f03183969f2fec70522d7b6cc37ca323df656

  • SHA512

    cf6b8c3a3e16ef77e5d22e7df993edbf79c6535a1e99e3c3045963d09a285811e967081da966c2609abf95bea664c0e1aca12b22a2bab2eee273feca545eaf5f

  • SSDEEP

    1536:RbZmctCMCelsC46+1OtIW0Irp8eqaimN5/xSsh75wqAQSwbs4RQX3EiyCK:CdwIzw8Raie/xSsh1s1wbs4UFy9

Score
1/10

Malware Config

Signatures

  • Suspicious use of UnmapMainImage 1 IoCs
  • Suspicious use of WriteProcessMemory 7 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\b88ee6faaa22bac734e043e9c30f03183969f2fec70522d7b6cc37ca323df656.exe
    "C:\Users\Admin\AppData\Local\Temp\b88ee6faaa22bac734e043e9c30f03183969f2fec70522d7b6cc37ca323df656.exe"
    1⤵
    • Suspicious use of UnmapMainImage
    • Suspicious use of WriteProcessMemory
    PID:1760
    • C:\Windows\SysWOW64\svchost.exe
      svchost.exe
      2⤵
        PID:1332

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/1332-54-0x0000000000080000-0x000000000008A000-memory.dmp

      Filesize

      40KB

      Download

    • memory/1332-56-0x0000000000080000-0x000000000008A000-memory.dmp

      Filesize

      40KB

      Download

    • memory/1332-58-0x0000000000000000-mapping.dmp

      Download

    • memory/1332-60-0x0000000000410000-0x0000000000418000-memory.dmp

      Filesize

      32KB

      Download

    • memory/1332-61-0x0000000000080000-0x000000000008A000-memory.dmp

      Filesize

      40KB

      Download

    • memory/1760-59-0x0000000000400000-0x0000000000414000-memory.dmp

      Filesize

      80KB

      Download