Overview

overview

1

Static

static

5a4fea8993...6f.exe

windows7-x64

1

5a4fea8993...6f.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    139s
  • max time network
    182s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20221111-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20221111-enlocale:en-usos:windows10-2004-x64system
  • submitted
    23-11-2022 14:14

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    5a4fea89934fa90efc0afd8feccfd5bc534fcddabca4062ff37c1fb68ed5f26f.exe

  • Size

    522KB

  • MD5

    7480082b72a71203c50005bc8b12c028

  • SHA1

    b8e4d4de9dc37e7ea7a2378e579feb710c12bee4

  • SHA256

    5a4fea89934fa90efc0afd8feccfd5bc534fcddabca4062ff37c1fb68ed5f26f

  • SHA512

    549a8a9b0b150df67aaa4154909517a8b9e5f236c002affaea959e330e54df8d2d0510f096e2e62150ad578dc6fc456b8f69a399540c60bae32970008f04404d

  • SSDEEP

    6144:J/f2QHxAscSQjdsyBsb4kG1p6QPiMNHZY4oFBku8gQ95mQy1CrxQqD9RSaSz+8O1:E7NSQjdsyX1ykuyy18xQqpx8O5j

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 6 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\5a4fea89934fa90efc0afd8feccfd5bc534fcddabca4062ff37c1fb68ed5f26f.exe
    "C:\Users\Admin\AppData\Local\Temp\5a4fea89934fa90efc0afd8feccfd5bc534fcddabca4062ff37c1fb68ed5f26f.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:204
    • C:\Users\Admin\AppData\Local\Temp\5a4fea89934fa90efc0afd8feccfd5bc534fcddabca4062ff37c1fb68ed5f26f.exe
      watch
      2⤵
        PID:4724
      • C:\Users\Admin\AppData\Local\Temp\5a4fea89934fa90efc0afd8feccfd5bc534fcddabca4062ff37c1fb68ed5f26f.exe
        start
        2⤵
          PID:4832

      Network

      MITRE ATT&CK Matrix

      Replay Monitor

      Loading Replay Monitor...

      Downloads

      • memory/204-135-0x0000000000400000-0x000000000048C000-memory.dmp

        Filesize

        560KB

        Download

      • memory/204-132-0x0000000000400000-0x000000000048C000-memory.dmp

        Filesize

        560KB

        Download

      • memory/4724-138-0x0000000000400000-0x000000000048C000-memory.dmp

        Filesize

        560KB

        Download

      • memory/4724-136-0x0000000000400000-0x000000000048C000-memory.dmp

        Filesize

        560KB

        Download

      • memory/4724-133-0x0000000000000000-mapping.dmp

        Download

      • memory/4724-140-0x0000000000400000-0x000000000048C000-memory.dmp

        Filesize

        560KB

        Download

      • memory/4724-142-0x0000000000400000-0x000000000048C000-memory.dmp

        Filesize

        560KB

        Download

      • memory/4724-145-0x0000000000400000-0x000000000048C000-memory.dmp

        Filesize

        560KB

        Download

      • memory/4832-134-0x0000000000000000-mapping.dmp

        Download

      • memory/4832-137-0x0000000000400000-0x000000000048C000-memory.dmp

        Filesize

        560KB

        Download

      • memory/4832-139-0x0000000000400000-0x000000000048C000-memory.dmp

        Filesize

        560KB

        Download

      • memory/4832-141-0x0000000000400000-0x000000000048C000-memory.dmp

        Filesize

        560KB

        Download

      • memory/4832-143-0x0000000000400000-0x000000000048C000-memory.dmp

        Filesize

        560KB

        Download

      • memory/4832-144-0x0000000000400000-0x000000000048C000-memory.dmp

        Filesize

        560KB

        Download