Overview

overview

8

Static

static

c6e3ca7c4e...cc.exe

windows7-x64

3

c6e3ca7c4e...cc.exe

windows10-2004-x64

8

Analysis

  • max time kernel
    25s
  • max time network
    34s
  • platform
    windows7_x64
  • resource
    win7-20221111-en
  • resource tags

    arch:x64arch:x86image:win7-20221111-enlocale:en-usos:windows7-x64system
  • submitted
    23-11-2022 11:20

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    c6e3ca7c4e752d2301fa7816b91aeb11ad24f79cf26e6d5f91381ba220fe9acc.exe

  • Size

    75KB

  • MD5

    a54adaa323962936e53117db4e7fcb9b

  • SHA1

    bab9ff6b7d9100dce35859439c2d04bad37a8cf2

  • SHA256

    c6e3ca7c4e752d2301fa7816b91aeb11ad24f79cf26e6d5f91381ba220fe9acc

  • SHA512

    1de0a41d53c9d20465c4bca3fc0a38272b38c11284a9b72dad87e801d4f02d3fae826ba8015159ba17bae6648bb56cd21f320f704e5d75f87457ed1a3df731a3

  • SSDEEP

    1536:nMDFXFUwRs7lzXawVIy49oCxyHRUyUv0yUMnDfXILIem/ostd:MwwIlzX9VIy49dyHVqRfXIL5Wztd

Score
3/10

Malware Config

Signatures

  • Program crash 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\c6e3ca7c4e752d2301fa7816b91aeb11ad24f79cf26e6d5f91381ba220fe9acc.exe
    "C:\Users\Admin\AppData\Local\Temp\c6e3ca7c4e752d2301fa7816b91aeb11ad24f79cf26e6d5f91381ba220fe9acc.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2020
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -u -p 2020 -s 36
      2⤵
      • Program crash
      PID:2040

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/2020-54-0x0000000000400000-0x000000000042D642-memory.dmp
    Filesize

    181KB

    Download
  • memory/2040-55-0x0000000000000000-mapping.dmp
    Download