Overview

overview

1

Static

static

31fe88b633...52.exe

windows7-x64

1

31fe88b633...52.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    162s
  • max time network
    169s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220812-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system
  • submitted
    23-11-2022 11:11

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    31fe88b63379780226d6088d8adf72fc904f36450c933c0044706a7b23109252.exe

  • Size

    522KB

  • MD5

    acc5ba9f0c5bceb384ed3d425b1f3f80

  • SHA1

    a89c665cc25f3a6f44e6094dab93ccfebfc39978

  • SHA256

    31fe88b63379780226d6088d8adf72fc904f36450c933c0044706a7b23109252

  • SHA512

    9062d90138b1619e645ade2c56f18638fcc042006ff0948195b63de9693b2aa78fbc6ccc25afca01d7fc02238621ad440fe253719647a28c210b599fd605fa4a

  • SSDEEP

    6144:0/hqan29HkpQHao5y5q59CcQJ9daFfKOXwjRZ3mQy1CrxQqD9RSaSz+8O5R6s:1kJsy5m9C7daFLXSVy18xQqpx8O5R

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 6 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\31fe88b63379780226d6088d8adf72fc904f36450c933c0044706a7b23109252.exe
    "C:\Users\Admin\AppData\Local\Temp\31fe88b63379780226d6088d8adf72fc904f36450c933c0044706a7b23109252.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2748
    • C:\Users\Admin\AppData\Local\Temp\31fe88b63379780226d6088d8adf72fc904f36450c933c0044706a7b23109252.exe
      start
      2⤵
        PID:4016
      • C:\Users\Admin\AppData\Local\Temp\31fe88b63379780226d6088d8adf72fc904f36450c933c0044706a7b23109252.exe
        watch
        2⤵
          PID:3392

      Network

      MITRE ATT&CK Matrix

      Replay Monitor

      Loading Replay Monitor...

      Downloads

      • memory/2748-132-0x0000000000400000-0x000000000048C000-memory.dmp

        Filesize

        560KB

        Download

      • memory/2748-135-0x0000000000400000-0x000000000048C000-memory.dmp

        Filesize

        560KB

        Download

      • memory/3392-133-0x0000000000000000-mapping.dmp

        Download

      • memory/3392-137-0x0000000000400000-0x000000000048C000-memory.dmp

        Filesize

        560KB

        Download

      • memory/3392-138-0x0000000000400000-0x000000000048C000-memory.dmp

        Filesize

        560KB

        Download

      • memory/3392-141-0x0000000000400000-0x000000000048C000-memory.dmp

        Filesize

        560KB

        Download

      • memory/4016-134-0x0000000000000000-mapping.dmp

        Download

      • memory/4016-136-0x0000000000400000-0x000000000048C000-memory.dmp

        Filesize

        560KB

        Download

      • memory/4016-139-0x0000000000400000-0x000000000048C000-memory.dmp

        Filesize

        560KB

        Download

      • memory/4016-140-0x0000000000400000-0x000000000048C000-memory.dmp

        Filesize

        560KB

        Download