Overview

overview

5

Static

static

359b588984...9b.exe

windows7-x64

5

359b588984...9b.exe

windows10-2004-x64

5

Analysis

  • max time kernel
    193s
  • max time network
    206s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20221111-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20221111-enlocale:en-usos:windows10-2004-x64system
  • submitted
    23-11-2022 22:52

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    359b5889845437ef029d1833013970f6ddbb898d143d6bf4f41a4a8f94dba69b.exe

  • Size

    244KB

  • MD5

    368784d859bd4cceede26a8b59af0a29

  • SHA1

    742ed707eac88382419e0eaffe583ce7b5e83184

  • SHA256

    359b5889845437ef029d1833013970f6ddbb898d143d6bf4f41a4a8f94dba69b

  • SHA512

    82ec02431bb7f1cf74ed294ba9d8c8e20ba0f56d3528f3c50206e15c61f513762184dc9d9685caff910aa0a1d80b351b05b0e7ef24315aa06ae9a98529704dbb

  • SSDEEP

    6144:2kzF5pqcM6IwQjJHBCMduH+frhk3IzvMqdEY1WFWX5Hi:rzHpKNw6JHXLhk3EMosii

Score
5/10

Malware Config

Signatures

  • Suspicious use of SetThreadContext 1 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs
  • Suspicious use of WriteProcessMemory 5 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\359b5889845437ef029d1833013970f6ddbb898d143d6bf4f41a4a8f94dba69b.exe
    "C:\Users\Admin\AppData\Local\Temp\359b5889845437ef029d1833013970f6ddbb898d143d6bf4f41a4a8f94dba69b.exe"
    1⤵
    • Suspicious use of SetThreadContext
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1532

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/0-135-0x0000000000400000-0x0000000000445000-memory.dmp

    Filesize

    276KB

    Download

  • memory/1532-132-0x0000000000400000-0x0000000000495000-memory.dmp

    Filesize

    596KB

    Download

  • memory/1532-136-0x0000000000400000-0x0000000000495000-memory.dmp

    Filesize

    596KB

    Download