Overview

overview

10

Static

static

winprofile

windows7-x64

1

winprofile

windows10-1703-x64

10

Analysis

  • max time kernel
    28s
  • max time network
    30s
  • platform
    windows7_x64
  • resource
    win7-20221111-en
  • resource tags

    arch:x64arch:x86image:win7-20221111-enlocale:en-usos:windows7-x64system
  • submitted
    17-11-2022 04:46

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    872a5dee4be75a8677bf2d905227e43e706e3f87a008de30c16d5cd256730fad.exe

  • Size

    1.3MB

  • MD5

    e924f93d838f03edd47759695b5ced49

  • SHA1

    56fc3cdf00381bcf71fce9e3b7eecf07f53026b3

  • SHA256

    872a5dee4be75a8677bf2d905227e43e706e3f87a008de30c16d5cd256730fad

  • SHA512

    685733352962065d13a0cf22233b3c162899eff70947569e18796925182c579e07c608defffa967b9b9e917d1526f91c5ab0c82170bbac37f0f0cbc31b73da18

  • SSDEEP

    24576:lI9iDSZlHH3nDfaxT2sRhFjWP1kpWbF998XWVZDJ:lIcElXDAT2GhwjsWVBJ

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: EnumeratesProcesses 5 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\872a5dee4be75a8677bf2d905227e43e706e3f87a008de30c16d5cd256730fad.exe
    "C:\Users\Admin\AppData\Local\Temp\872a5dee4be75a8677bf2d905227e43e706e3f87a008de30c16d5cd256730fad.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    PID:1180

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/1180-54-0x00000000020E0000-0x0000000002646000-memory.dmp
    Filesize

    5.4MB

    Download
  • memory/1180-55-0x00000000020E0000-0x0000000002646000-memory.dmp
    Filesize

    5.4MB

    Download
  • memory/1180-56-0x00000000003F0000-0x0000000000501000-memory.dmp
    Filesize

    1.1MB

    Download
  • memory/1180-57-0x0000000075A31000-0x0000000075A33000-memory.dmp
    Filesize

    8KB

    Download
  • memory/1180-58-0x00000000003F0000-0x0000000000501000-memory.dmp
    Filesize

    1.1MB

    Download
  • memory/1180-59-0x000000000CE50000-0x000000000CFDA000-memory.dmp
    Filesize

    1.5MB

    Download
  • memory/1180-60-0x00000000003F0000-0x0000000000501000-memory.dmp
    Filesize

    1.1MB

    Download