Overview

overview

5

Static

static

d6b6ecb405...59.exe

windows7-x64

5

d6b6ecb405...59.exe

windows10-2004-x64

5

Analysis

  • max time kernel
    90s
  • max time network
    139s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220901-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20220901-enlocale:en-usos:windows10-2004-x64system
  • submitted
    23-11-2022 09:31

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    d6b6ecb405d9113b224fd07af9b59b746388fe7d21d359ff164943580612af59.exe

  • Size

    1.3MB

  • MD5

    08bd780e8948ce1e49639ad4796acb5a

  • SHA1

    8850ad6c6f0e25b84592b5a713d258a151a77c10

  • SHA256

    d6b6ecb405d9113b224fd07af9b59b746388fe7d21d359ff164943580612af59

  • SHA512

    12e1a20a10dc48258efac12254ae6547e6260d92498c85ea61268e900bbef59602a596552c40a65674f0fb35c28e64ec0680e72794e461e9db796b0323ecdafa

  • SSDEEP

    24576:zrKqlGCPcJKwybUDwEZZODYmR9G+gnbkk6XRJfe3DqYO/KpLwFfngWX4VmJPak:zrKo4ZwCOnYjVmJPa

Score
5/10

Malware Config

Signatures

  • Suspicious use of SetThreadContext 1 IoCs
  • Suspicious use of SetWindowsHookEx 5 IoCs
  • Suspicious use of WriteProcessMemory 10 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\d6b6ecb405d9113b224fd07af9b59b746388fe7d21d359ff164943580612af59.exe
    "C:\Users\Admin\AppData\Local\Temp\d6b6ecb405d9113b224fd07af9b59b746388fe7d21d359ff164943580612af59.exe"
    1⤵
    • Suspicious use of SetThreadContext
    • Suspicious use of WriteProcessMemory
    PID:384
    • C:\Users\Admin\AppData\Local\Temp\d6b6ecb405d9113b224fd07af9b59b746388fe7d21d359ff164943580612af59.exe
      2⤵
      • Suspicious use of SetWindowsHookEx
      PID:368

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/368-132-0x0000000000000000-mapping.dmp

    Download

  • memory/368-133-0x0000000000400000-0x00000000004D9000-memory.dmp

    Filesize

    868KB

    Download

  • memory/368-134-0x0000000000400000-0x00000000004D9000-memory.dmp

    Filesize

    868KB

    Download

  • memory/368-135-0x0000000000400000-0x00000000004D9000-memory.dmp

    Filesize

    868KB

    Download

  • memory/368-136-0x0000000000400000-0x00000000004D9000-memory.dmp

    Filesize

    868KB

    Download

  • memory/368-137-0x0000000000400000-0x00000000004D9000-memory.dmp

    Filesize

    868KB

    Download