Overview

overview

1

Static

static

9d066dbcc7...f5.exe

windows7-x64

1

9d066dbcc7...f5.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    41s
  • max time network
    46s
  • platform
    windows7_x64
  • resource
    win7-20220812-en
  • resource tags

    arch:x64arch:x86image:win7-20220812-enlocale:en-usos:windows7-x64system
  • submitted
    23-11-2022 13:33

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    9d066dbcc7f733c733fa52fe24fc146a0f0595962068fe215bf706a4d49d87f5.exe

  • Size

    524KB

  • MD5

    c58d3c250e80947af0edae2600cfb203

  • SHA1

    0ed3f5203852ee7c10c4affd2a85f12e7f2b3035

  • SHA256

    9d066dbcc7f733c733fa52fe24fc146a0f0595962068fe215bf706a4d49d87f5

  • SHA512

    95fe872728e156f68a1127c93a65426dd05da6a66dcce69cd9cd9eafe380da7a53066add1f6b3228b85635e4b061279ca69d5da6efe091dd59a7f8f0e34c9c51

  • SSDEEP

    6144:N0n+XsB8O2Wjg9f9gO/AxhTc+Vw1F0XJe8CECBZvBVF8X2Vx2FBa3Lm+dpHB3SMD:N09I9frwdHy0XKVzvBVKXCuapzDBGR

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\9d066dbcc7f733c733fa52fe24fc146a0f0595962068fe215bf706a4d49d87f5.exe
    "C:\Users\Admin\AppData\Local\Temp\9d066dbcc7f733c733fa52fe24fc146a0f0595962068fe215bf706a4d49d87f5.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:240
    • C:\Users\Admin\AppData\Local\Temp\9d066dbcc7f733c733fa52fe24fc146a0f0595962068fe215bf706a4d49d87f5.exe
      tear
      2⤵
        PID:1672

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/240-54-0x0000000075DA1000-0x0000000075DA3000-memory.dmp

      Filesize

      8KB

      Download

    • memory/240-56-0x0000000000400000-0x000000000048E000-memory.dmp

      Filesize

      568KB

      Download

    • memory/1672-55-0x0000000000000000-mapping.dmp

      Download

    • memory/1672-58-0x0000000000400000-0x000000000048E000-memory.dmp

      Filesize

      568KB

      Download

    • memory/1672-59-0x0000000000400000-0x000000000048E000-memory.dmp

      Filesize

      568KB

      Download

    • memory/1672-60-0x0000000000400000-0x000000000048E000-memory.dmp

      Filesize

      568KB

      Download