Analysis
-
max time kernel
40s -
max time network
93s -
platform
windows7_x64 -
resource
win7-20221111-en -
resource tags
-
submitted
23-11-2022 13:30
General
-
Target
a1cb1d8ed0bdb29824ecae82b52c005599b44b34bd1ae08a5e39598681c4e704.exe
-
Size
518KB
-
MD5
187cd989c0cf654559f0e9cd425b5b2c
-
SHA1
5db078ede0229ad26c02ed492ac14e1c9f2073a1
-
SHA256
a1cb1d8ed0bdb29824ecae82b52c005599b44b34bd1ae08a5e39598681c4e704
-
SHA512
9c8743ecfd198583407a0f3c9c4244b78c198985a871e0d08317f5c39dcc779905b4a4b03cdd76fdfeeb6fb722b69e5a79dd020d32f71f4074579d44b2b82715
-
SSDEEP
12288:bruNpF4qnH/KF5HL/PrwPUjASES/ya+WJPwTOEX/N9:G3FbfyHTcPuAsz+OPwTvX/
Score
1/10
Malware Config
Signatures
-
Suspicious use of WriteProcessMemory 14 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\a1cb1d8ed0bdb29824ecae82b52c005599b44b34bd1ae08a5e39598681c4e704.exe"C:\Users\Admin\AppData\Local\Temp\a1cb1d8ed0bdb29824ecae82b52c005599b44b34bd1ae08a5e39598681c4e704.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\a1cb1d8ed0bdb29824ecae82b52c005599b44b34bd1ae08a5e39598681c4e704.exestart2⤵
-
C:\Users\Admin\AppData\Local\Temp\a1cb1d8ed0bdb29824ecae82b52c005599b44b34bd1ae08a5e39598681c4e704.exewatch2⤵
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
memory/616-55-0x0000000000000000-mapping.dmp
-
memory/616-60-0x0000000000400000-0x000000000048B000-memory.dmpFilesize
556KB
-
memory/616-63-0x0000000000400000-0x000000000048B000-memory.dmpFilesize
556KB
-
memory/1508-56-0x0000000000000000-mapping.dmp
-
memory/1508-61-0x0000000000400000-0x000000000048B000-memory.dmpFilesize
556KB
-
memory/1508-62-0x0000000000400000-0x000000000048B000-memory.dmpFilesize
556KB
-
memory/1552-54-0x0000000075781000-0x0000000075783000-memory.dmpFilesize
8KB
-
memory/1552-59-0x0000000000400000-0x000000000048B000-memory.dmpFilesize
556KB