Overview

overview

1

Static

static

b3f14f94d3...59.exe

windows7-x64

1

b3f14f94d3...59.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    190s
  • max time network
    212s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20221111-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20221111-enlocale:en-usos:windows10-2004-x64system
  • submitted
    23-11-2022 11:58

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    b3f14f94d3b86ce2a8cd818e2a3005ef5bef40b85fa2db7886c7fbcf3fcd2d59.exe

  • Size

    518KB

  • MD5

    080d01d25c30dfac32f413018c3f6dc3

  • SHA1

    df4be597eebf368f9cbde48f0a61955121855b3d

  • SHA256

    b3f14f94d3b86ce2a8cd818e2a3005ef5bef40b85fa2db7886c7fbcf3fcd2d59

  • SHA512

    40c27231f15273922e74ab230d832a0e4cc3d9ecb97909ee859b39a722b362973111e86265442ffb13c9353ff857d11562910c21564a09270c0c92221a8cd21a

  • SSDEEP

    12288:sZzTjDuwLHdHamUTg+AEgwYYlLPt5oKnWq3Ub:hI9aRTYEhlLPt5/Wh

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 6 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\b3f14f94d3b86ce2a8cd818e2a3005ef5bef40b85fa2db7886c7fbcf3fcd2d59.exe
    "C:\Users\Admin\AppData\Local\Temp\b3f14f94d3b86ce2a8cd818e2a3005ef5bef40b85fa2db7886c7fbcf3fcd2d59.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:3476
    • C:\Users\Admin\AppData\Local\Temp\b3f14f94d3b86ce2a8cd818e2a3005ef5bef40b85fa2db7886c7fbcf3fcd2d59.exe
      start
      2⤵
        PID:2640
      • C:\Users\Admin\AppData\Local\Temp\b3f14f94d3b86ce2a8cd818e2a3005ef5bef40b85fa2db7886c7fbcf3fcd2d59.exe
        watch
        2⤵
          PID:3752

      Network

      MITRE ATT&CK Matrix

      Replay Monitor

      Loading Replay Monitor...

      Downloads

      • memory/2640-135-0x0000000000000000-mapping.dmp
        Download
      • memory/2640-138-0x0000000000400000-0x000000000048B000-memory.dmp
        Filesize

        556KB

        Download
      • memory/2640-140-0x0000000000400000-0x000000000048B000-memory.dmp
        Filesize

        556KB

        Download
      • memory/2640-141-0x0000000000400000-0x000000000048B000-memory.dmp
        Filesize

        556KB

        Download
      • memory/3476-132-0x0000000000400000-0x000000000048B000-memory.dmp
        Filesize

        556KB

        Download
      • memory/3476-133-0x0000000000400000-0x000000000048B000-memory.dmp
        Filesize

        556KB

        Download
      • memory/3476-136-0x0000000000400000-0x000000000048B000-memory.dmp
        Filesize

        556KB

        Download
      • memory/3752-134-0x0000000000000000-mapping.dmp
        Download
      • memory/3752-137-0x0000000000400000-0x000000000048B000-memory.dmp
        Filesize

        556KB

        Download
      • memory/3752-139-0x0000000000400000-0x000000000048B000-memory.dmp
        Filesize

        556KB

        Download
      • memory/3752-142-0x0000000000400000-0x000000000048B000-memory.dmp
        Filesize

        556KB

        Download