Analysis

  • max time kernel
    152s
  • max time network
    129s
  • platform
    windows7_x64
  • resource
    win7-20220812-en
  • resource tags

    arch:x64 arch:x86 image:win7-20220812-en locale:en-us os:windows7-x64 system
  • submitted
    07-11-2022 13:58

General

  • Target

    2727bd01da0aff0009bc5e564ecf925a9d048c3a1a2cb60d329cca7c6ee24e7f.exe

  • Size

    123KB

  • MD5

    200e0535a8e75d1f4af402c0812a5981

  • SHA1

    9d4e26a11c648ed4b46c38c930a195857eb2e76f

  • SHA256

    2727bd01da0aff0009bc5e564ecf925a9d048c3a1a2cb60d329cca7c6ee24e7f

  • SHA512

    48c620f5025d6c778377c19dcdcd24bd5e7f735e443e105f202b53ad5275ec0b7f26b928f958fd8c6d02435c57ae7bed6f0ba7b83f92f8193652bf90f93138ab

  • SSDEEP

    3072:WgjX6QrMh/9dabMwB8f2CqKIgCcUmXLXOVmE4:Wo6sMBA+f2kIgfhXLeVmE

Score
1/10

Malware Config

Signatures

  • Suspicious use of UnmapMainImage 1 IoCs
  • Suspicious use of WriteProcessMemory 7 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2727bd01da0aff0009bc5e564ecf925a9d048c3a1a2cb60d329cca7c6ee24e7f.exe
    "C:\Users\Admin\AppData\Local\Temp\2727bd01da0aff0009bc5e564ecf925a9d048c3a1a2cb60d329cca7c6ee24e7f.exe"
    1⤵
    • Suspicious use of UnmapMainImage
    • Suspicious use of WriteProcessMemory
    PID:864
    • C:\Windows\SysWOW64\svchost.exe
      svchost.exe
      2⤵
        PID:892

    Network

    MITRE ATT&CK Matrix

    Downloads

    • memory/864-54-0x0000000000400000-0x0000000000433000-memory.dmp

      Filesize

      204KB

    • memory/864-59-0x0000000000290000-0x00000000002A4000-memory.dmp

      Filesize

      80KB

    • memory/892-55-0x0000000000080000-0x0000000000089000-memory.dmp

      Filesize

      36KB

    • memory/892-57-0x0000000000080000-0x0000000000089000-memory.dmp

      Filesize

      36KB

    • memory/892-60-0x0000000000F30000-0x0000000000F38000-memory.dmp

      Filesize

      32KB

    • memory/892-61-0x0000000000080000-0x0000000000089000-memory.dmp

      Filesize

      36KB