Analysis

  • max time kernel
    150s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20220901-en
  • resource tags

    arch:x64, arch:x86, image:win7-20220901-en, locale:en-us, os:windows7-x64, system
  • submitted
    07-11-2022 08:37

General

  • Target

    9f909c20186f762a105237c1b65046507a5170987f28126852f8fdad9e8f82e2.exe

  • Size

    84KB

  • MD5

    0dddba022275271908daa0869b7c8276

  • SHA1

    e1641f9d8777c1624ecb247029d29c79f27eccf8

  • SHA256

    9f909c20186f762a105237c1b65046507a5170987f28126852f8fdad9e8f82e2

  • SHA512

    6183cd986643343d5622460ec7760b2cd9ef9bf4000ea828ba3d577ae0da18d0b7fafbaa9c89c63a315cb8f36ff650283ef4f4f700b9fb9c6b07236e3b43ac50

  • SSDEEP

    1536:USqKXdIMOQ3eWbHLn8SpvEhBx2R9dQAaOGBUBF5Kb9qourJL88HMERx3oY6jg:hfkuvvqx2/dsBUBFAqMINoY6jg

Score
1/10

Malware Config

Signatures

  • Suspicious use of UnmapMainImage 1 IoCs
  • Suspicious use of WriteProcessMemory 7 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\9f909c20186f762a105237c1b65046507a5170987f28126852f8fdad9e8f82e2.exe
    "C:\Users\Admin\AppData\Local\Temp\9f909c20186f762a105237c1b65046507a5170987f28126852f8fdad9e8f82e2.exe"
    1⤵
    • Suspicious use of UnmapMainImage
    • Suspicious use of WriteProcessMemory
    PID:1696
    • C:\Windows\SysWOW64\svchost.exe
      svchost.exe
      2⤵
        PID:980

    Network

    MITRE ATT&CK Matrix

    Downloads

    • memory/980-54-0x0000000000080000-0x0000000000089000-memory.dmp

      Filesize

      36KB

    • memory/980-56-0x0000000000080000-0x0000000000089000-memory.dmp

      Filesize

      36KB

    • memory/980-57-0x0000000000000000-mapping.dmp

    • memory/980-59-0x0000000000150000-0x0000000000158000-memory.dmp

      Filesize

      32KB

    • memory/980-60-0x0000000000080000-0x0000000000089000-memory.dmp

      Filesize

      36KB

    • memory/1696-58-0x0000000000400000-0x0000000000414000-memory.dmp

      Filesize

      80KB