Overview

overview

10

Static

static

db634ee937...cb.exe

windows7-x64

3

db634ee937...cb.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    13s
  • max time network
    34s
  • platform
    windows7_x64
  • resource
    win7-20221111-en
  • resource tags

    arch:x64arch:x86image:win7-20221111-enlocale:en-usos:windows7-x64system
  • submitted
    23-11-2022 12:56

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    db634ee9374d951b38fa8f38b8aea075142313eb7c58db9c808a99948142ffcb.exe

  • Size

    2.0MB

  • MD5

    552a63532e9219e4c6e63592e269af2c

  • SHA1

    3338888bb45829133d08efa70bd61d56c061e5b4

  • SHA256

    db634ee9374d951b38fa8f38b8aea075142313eb7c58db9c808a99948142ffcb

  • SHA512

    3efbcf1a10c70206a87725b9d178ae091f757862a21e0f08361486a7c9121a7bf4a7c1b7846fa353c2929c86eb677125248845cbd6f6e42cd2de1abd5d76dc87

  • SSDEEP

    49152:kPb9TjglRe9+mCUymxeLeAURYihuKCY4h:kPbNjK7mC+klRsRO

Score
3/10

Malware Config

Signatures

  • Program crash 1 IoCs
  • Suspicious behavior: EnumeratesProcesses 1 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\db634ee9374d951b38fa8f38b8aea075142313eb7c58db9c808a99948142ffcb.exe
    "C:\Users\Admin\AppData\Local\Temp\db634ee9374d951b38fa8f38b8aea075142313eb7c58db9c808a99948142ffcb.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:972
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -u -p 972 -s 340
      2⤵
      • Program crash
      PID:1844

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/972-54-0x0000000075D01000-0x0000000075D03000-memory.dmp

    Filesize

    8KB

    Download

  • memory/972-55-0x0000000000270000-0x0000000000274000-memory.dmp

    Filesize

    16KB

    Download

  • memory/1844-56-0x0000000000000000-mapping.dmp

    Download