Overview

overview

1

Static

static

8d64fe6a9e...c2.exe

windows7-x64

1

8d64fe6a9e...c2.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    144s
  • max time network
    174s
  • platform
    windows7_x64
  • resource
    win7-20220812-en
  • resource tags

    arch:x64arch:x86image:win7-20220812-enlocale:en-usos:windows7-x64system
  • submitted
    07/11/2022, 11:48

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    8d64fe6a9ef87224752cd9da716d22cb5f47dfcefce04d79beda2daee0eaefc2.exe

  • Size

    160KB

  • MD5

    06c0bd8503c717516b406ecc299927b1

  • SHA1

    2660032d5db73d7421127a7b2a3cad3f9dc7676a

  • SHA256

    8d64fe6a9ef87224752cd9da716d22cb5f47dfcefce04d79beda2daee0eaefc2

  • SHA512

    8d3be38400bfa7dd3cd98e4f8e8b5ca852614b9fd10e8229d5b6304d517140e387cb350e047a00ae9256335a1619b150f59f67ad1a89acf2a865158bd8e33ee4

  • SSDEEP

    3072:h5OaLr4N5KKmvNnDAPz0Kbmb1tjt5AaJTAeJTA:h5MFmvZADbmb

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: MapViewOfSection 2 IoCs
  • Suspicious use of UnmapMainImage 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\8d64fe6a9ef87224752cd9da716d22cb5f47dfcefce04d79beda2daee0eaefc2.exe
    "C:\Users\Admin\AppData\Local\Temp\8d64fe6a9ef87224752cd9da716d22cb5f47dfcefce04d79beda2daee0eaefc2.exe"
    1⤵
    • Suspicious behavior: MapViewOfSection
    • Suspicious use of UnmapMainImage
    • Suspicious use of WriteProcessMemory
    PID:1172
    • C:\Windows\SysWOW64\svchost.exe
      svchost.exe
      2⤵
        PID:916

    Network

          MITRE ATT&CK Matrix

          Replay Monitor

          Loading Replay Monitor...

          Downloads

          • memory/916-55-0x0000000076711000-0x0000000076713000-memory.dmp

            Filesize

            8KB

            Download

          • memory/916-58-0x0000000000890000-0x0000000000898000-memory.dmp

            Filesize

            32KB

            Download

          • memory/916-59-0x0000000000080000-0x0000000000091000-memory.dmp

            Filesize

            68KB

            Download

          • memory/916-60-0x00000000001F0000-0x0000000000270000-memory.dmp

            Filesize

            512KB

            Download

          • memory/1172-56-0x0000000000400000-0x0000000000413000-memory.dmp

            Filesize

            76KB

            Download

          • memory/1172-57-0x00000000002D0000-0x00000000002E3000-memory.dmp

            Filesize

            76KB

            Download