Overview

overview

1

Static

static

ad8cca5904...db.exe

windows7-x64

1

ad8cca5904...db.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    186s
  • max time network
    208s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20221111-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20221111-enlocale:en-usos:windows10-2004-x64system
  • submitted
    23-11-2022 13:24

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    ad8cca5904413dc1d69d20c2844f5f5a3be49f5c83a6b4545a7368c7e2b688db.exe

  • Size

    519KB

  • MD5

    f42dd5da7ae72a8b778f9d56a5c21db0

  • SHA1

    b5c3cc76fbb9b3dd1be8a23eb5fcdf6bc9884494

  • SHA256

    ad8cca5904413dc1d69d20c2844f5f5a3be49f5c83a6b4545a7368c7e2b688db

  • SHA512

    9c9d1337a0719f2feb4be36a9e962c3b3d60708483b3381bca497d86bf40f6d91b1a321c9b15a581400d3a3dfd5739b446c16ac3fcba4ad3231476b459b0e939

  • SSDEEP

    12288:AXPNTo+ZDI8n0yqxEtUd24BWJ6e4gpnO:GuemzxHd24sJb

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\ad8cca5904413dc1d69d20c2844f5f5a3be49f5c83a6b4545a7368c7e2b688db.exe
    "C:\Users\Admin\AppData\Local\Temp\ad8cca5904413dc1d69d20c2844f5f5a3be49f5c83a6b4545a7368c7e2b688db.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1712
    • C:\Users\Admin\AppData\Local\Temp\ad8cca5904413dc1d69d20c2844f5f5a3be49f5c83a6b4545a7368c7e2b688db.exe
      tear
      2⤵
        PID:4628

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/1712-133-0x0000000000400000-0x000000000048B000-memory.dmp

      Filesize

      556KB

      Download

    • memory/1712-134-0x0000000000400000-0x000000000048B000-memory.dmp

      Filesize

      556KB

      Download

    • memory/4628-132-0x0000000000000000-mapping.dmp

      Download

    • memory/4628-135-0x0000000000400000-0x000000000048B000-memory.dmp

      Filesize

      556KB

      Download

    • memory/4628-136-0x0000000000400000-0x000000000048B000-memory.dmp

      Filesize

      556KB

      Download

    • memory/4628-137-0x0000000000400000-0x000000000048B000-memory.dmp

      Filesize

      556KB

      Download

    • memory/4628-138-0x0000000000400000-0x000000000048B000-memory.dmp

      Filesize

      556KB

      Download