Overview

overview

1

Static

static

91b9a6bf18...a4.exe

windows7-x64

1

91b9a6bf18...a4.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    90s
  • max time network
    155s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220812-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system
  • submitted
    23-11-2022 13:39

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    91b9a6bf18c9185f031810ac660fb799f6e9d00900147ae905b559fdd36fcfa4.exe

  • Size

    524KB

  • MD5

    7fd52eb7da4511a714144849d704d99e

  • SHA1

    08be02dfc1a85deb0287259a20d48794851f3f1e

  • SHA256

    91b9a6bf18c9185f031810ac660fb799f6e9d00900147ae905b559fdd36fcfa4

  • SHA512

    fa28b925e2a1c094f18ede94b257e70407c8104bc5d8cb77ae351c8539202fc9b973773de2d6489e57897b11014e5ac19bf1534bc776d46ac86bebfade3300bd

  • SSDEEP

    12288:haCoF4RL19McSapxpArBuwBVzvBVKXCuapzDBGf:hxR5FpxOpVzvSXCXD

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\91b9a6bf18c9185f031810ac660fb799f6e9d00900147ae905b559fdd36fcfa4.exe
    "C:\Users\Admin\AppData\Local\Temp\91b9a6bf18c9185f031810ac660fb799f6e9d00900147ae905b559fdd36fcfa4.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:5060
    • C:\Users\Admin\AppData\Local\Temp\91b9a6bf18c9185f031810ac660fb799f6e9d00900147ae905b559fdd36fcfa4.exe
      tear
      2⤵
        PID:4688

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/4688-134-0x0000000000000000-mapping.dmp
      Download
    • memory/4688-136-0x0000000000400000-0x000000000048E000-memory.dmp
      Filesize

      568KB

      Download
    • memory/4688-137-0x0000000000400000-0x000000000048E000-memory.dmp
      Filesize

      568KB

      Download
    • memory/4688-138-0x0000000000400000-0x000000000048E000-memory.dmp
      Filesize

      568KB

      Download
    • memory/4688-139-0x0000000000400000-0x000000000048E000-memory.dmp
      Filesize

      568KB

      Download
    • memory/5060-132-0x0000000000400000-0x000000000048E000-memory.dmp
      Filesize

      568KB

      Download
    • memory/5060-133-0x0000000000400000-0x000000000048E000-memory.dmp
      Filesize

      568KB

      Download
    • memory/5060-135-0x0000000000400000-0x000000000048E000-memory.dmp
      Filesize

      568KB

      Download