Overview

overview

7

Static

static

5329cd821c...dd.exe

windows7-x64

7

5329cd821c...dd.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    91s
  • max time network
    128s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220901-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20220901-enlocale:en-usos:windows10-2004-x64system
  • submitted
    23-11-2022 11:01

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    5329cd821ca71679695104b00fe1df7c71b3497feff230d961f8aaf7f602dbdd.exe

  • Size

    16KB

  • MD5

    7b46afcf58d0ceb17f12044179740cc4

  • SHA1

    b079ac855d6d6d33a5200e16d99e7d56d164e1fd

  • SHA256

    5329cd821ca71679695104b00fe1df7c71b3497feff230d961f8aaf7f602dbdd

  • SHA512

    8efe3d3c94ab0694d11ac78367e4d25824d7a8f3afda0181e279310c101f4a0075cd927674fb9eee1285e0d6f449403bd7e0720fec0365a5fb7b42e0a602e764

  • SSDEEP

    96:CXTacedhER/uEq8zH1gWxq2sjq+ArVkxeUIjTT8jtPtboynwEzB:8aceL8Q8ZgWbFiLUTiP1oynwE

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\5329cd821ca71679695104b00fe1df7c71b3497feff230d961f8aaf7f602dbdd.exe
    "C:\Users\Admin\AppData\Local\Temp\5329cd821ca71679695104b00fe1df7c71b3497feff230d961f8aaf7f602dbdd.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:4800
    • C:\Windows\SysWOW64\cmd.exe
      C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\\del_temp.bat
      2⤵
        PID:4580

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • C:\Users\Admin\AppData\Local\Temp\del_temp.bat
      Filesize

      246B

      MD5

      5b02fd939c91b9c8d1adb05436d51651

      SHA1

      82835bcbef1b25f287bebfa9638c21fc1fc4cbe0

      SHA256

      5ff2f9c217c396503efc89499cf26c0ab255d71097f2e26ef957f47f7c1bb2c3

      SHA512

      38e447cd1ece4276b3d3b3024dc241b525f593623194f123207ab3923806090c2984f6b3194cdf696992c92baf86d1fab0a6c198dc87c3208218a40e96131170

      Download Submit
    • memory/4580-132-0x0000000000000000-mapping.dmp
      Download