Overview

overview

1

Static

static

9127222b0d...fa.exe

windows7-x64

1

9127222b0d...fa.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    36s
  • max time network
    47s
  • platform
    windows7_x64
  • resource
    win7-20220812-en
  • resource tags

    arch:x64arch:x86image:win7-20220812-enlocale:en-usos:windows7-x64system
  • submitted
    23-11-2022 12:03

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    9127222b0d11ddb1b8aef22bace1889e0955ff2a83586bcad9e1f659213a49fa.exe

  • Size

    522KB

  • MD5

    082c3309efd92e90c02f7c6496786176

  • SHA1

    175df13d187e4069bcfdf2b8a00c64f0d11d5f40

  • SHA256

    9127222b0d11ddb1b8aef22bace1889e0955ff2a83586bcad9e1f659213a49fa

  • SHA512

    d35ac76f00b59636daf687bb7f659b8057f23a8b27b893a782046450af68e5fae685fcb5d0d4d2ce9e24a706f997cbcc71e18ef9dbf16a4b296bd7947e29a7af

  • SSDEEP

    6144:o1Z6UqVqwoXF0TsMWcsWp3tvjtCuwkGl3bYYrtjzzmQy1CrxQqD9RSaSz+8O5GbK:4sUMqwoj7URslrxrXy18xQqpx8O5G

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 14 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\9127222b0d11ddb1b8aef22bace1889e0955ff2a83586bcad9e1f659213a49fa.exe
    "C:\Users\Admin\AppData\Local\Temp\9127222b0d11ddb1b8aef22bace1889e0955ff2a83586bcad9e1f659213a49fa.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1972
    • C:\Users\Admin\AppData\Local\Temp\9127222b0d11ddb1b8aef22bace1889e0955ff2a83586bcad9e1f659213a49fa.exe
      start
      2⤵
        PID:1836
      • C:\Users\Admin\AppData\Local\Temp\9127222b0d11ddb1b8aef22bace1889e0955ff2a83586bcad9e1f659213a49fa.exe
        watch
        2⤵
          PID:1772

      Network

      MITRE ATT&CK Matrix

      Replay Monitor

      Loading Replay Monitor...

      Downloads

      • memory/1772-56-0x0000000000000000-mapping.dmp

        Download

      • memory/1772-60-0x0000000000400000-0x000000000048C000-memory.dmp

        Filesize

        560KB

        Download

      • memory/1772-64-0x0000000000400000-0x000000000048C000-memory.dmp

        Filesize

        560KB

        Download

      • memory/1772-66-0x0000000000400000-0x000000000048C000-memory.dmp

        Filesize

        560KB

        Download

      • memory/1836-57-0x0000000000000000-mapping.dmp

        Download

      • memory/1836-59-0x0000000000400000-0x000000000048C000-memory.dmp

        Filesize

        560KB

        Download

      • memory/1836-63-0x0000000000400000-0x000000000048C000-memory.dmp

        Filesize

        560KB

        Download

      • memory/1836-65-0x0000000000400000-0x000000000048C000-memory.dmp

        Filesize

        560KB

        Download

      • memory/1972-54-0x0000000000400000-0x000000000048C000-memory.dmp

        Filesize

        560KB

        Download

      • memory/1972-55-0x0000000075981000-0x0000000075983000-memory.dmp

        Filesize

        8KB

        Download

      • memory/1972-58-0x0000000000400000-0x000000000048C000-memory.dmp

        Filesize

        560KB

        Download