Overview

overview

1

Static

static

f9881bba46...28.exe

windows7-x64

1

f9881bba46...28.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    155s
  • max time network
    201s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20221111-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20221111-enlocale:en-usos:windows10-2004-x64system
  • submitted
    23-11-2022 12:39

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    f9881bba46ee0362f3754675e8ca3c2dacb988d633a29d3e9d181c342b5c0c28.exe

  • Size

    533KB

  • MD5

    4f2bfb5360ecd3a43bc577e85de977b6

  • SHA1

    db39d4b807ad3b9613894efec08f45e583e20f9d

  • SHA256

    f9881bba46ee0362f3754675e8ca3c2dacb988d633a29d3e9d181c342b5c0c28

  • SHA512

    ff6f94025dfe0d8d96d1f5b7cf6cacf1ef00cbc2d0ab5b62aab8ca33c192964bf6195fdd66c20deb707a61f8fee91c19aa9adb4755731b9104e67750df77237a

  • SSDEEP

    6144:noYyoQlLzOaZBPQIBONFeoolEwCiD2rlikMEyQgx0GMJafWqjMAIKIZ4xQGAOL0e:nvsBq8CBrlngx0GLM5ChzQ1RVyk/jY

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\f9881bba46ee0362f3754675e8ca3c2dacb988d633a29d3e9d181c342b5c0c28.exe
    "C:\Users\Admin\AppData\Local\Temp\f9881bba46ee0362f3754675e8ca3c2dacb988d633a29d3e9d181c342b5c0c28.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:5036
    • C:\Users\Admin\AppData\Local\Temp\f9881bba46ee0362f3754675e8ca3c2dacb988d633a29d3e9d181c342b5c0c28.exe
      tear
      2⤵
        PID:2212

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/2212-133-0x0000000000000000-mapping.dmp

      Download

    • memory/2212-135-0x0000000000400000-0x0000000000491000-memory.dmp

      Filesize

      580KB

      Download

    • memory/2212-136-0x0000000000400000-0x0000000000491000-memory.dmp

      Filesize

      580KB

      Download

    • memory/2212-137-0x0000000000400000-0x0000000000491000-memory.dmp

      Filesize

      580KB

      Download

    • memory/2212-138-0x0000000000400000-0x0000000000491000-memory.dmp

      Filesize

      580KB

      Download

    • memory/5036-132-0x0000000000400000-0x0000000000491000-memory.dmp

      Filesize

      580KB

      Download

    • memory/5036-134-0x0000000000400000-0x0000000000491000-memory.dmp

      Filesize

      580KB

      Download