Overview

overview

1

Static

static

4c80d280fd...ef.exe

windows7-x64

1

4c80d280fd...ef.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    91s
  • max time network
    151s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220901-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20220901-enlocale:en-usos:windows10-2004-x64system
  • submitted
    23-11-2022 14:22

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    4c80d280fd16b640bf5049cdfec1b378596cb254ea7bb1d343678953c01a20ef.exe

  • Size

    524KB

  • MD5

    f90ba5aad599f0578edde1669241d502

  • SHA1

    430171a4278db5fc79d71a1ae78a456884fe8ec3

  • SHA256

    4c80d280fd16b640bf5049cdfec1b378596cb254ea7bb1d343678953c01a20ef

  • SHA512

    a8490957bf311878479d2e5de08abaf5cea1a4312d4ba32dfb8f767e4b7b2a32533f6a820720541ab40e69bb6cee8bc1943cf4833e2edc72ea8fd3a071b6e477

  • SSDEEP

    12288:JcQkc9prqGUxsRCVLHVzvBVKXCuapzDBG:Hb+ECVTVzvSXCXD

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\4c80d280fd16b640bf5049cdfec1b378596cb254ea7bb1d343678953c01a20ef.exe
    "C:\Users\Admin\AppData\Local\Temp\4c80d280fd16b640bf5049cdfec1b378596cb254ea7bb1d343678953c01a20ef.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:476
    • C:\Users\Admin\AppData\Local\Temp\4c80d280fd16b640bf5049cdfec1b378596cb254ea7bb1d343678953c01a20ef.exe
      tear
      2⤵
        PID:4676

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/476-132-0x0000000000400000-0x000000000048E000-memory.dmp

      Filesize

      568KB

      Download

    • memory/476-134-0x0000000000400000-0x000000000048E000-memory.dmp

      Filesize

      568KB

      Download

    • memory/4676-133-0x0000000000000000-mapping.dmp

      Download

    • memory/4676-135-0x0000000000400000-0x000000000048E000-memory.dmp

      Filesize

      568KB

      Download

    • memory/4676-136-0x0000000000400000-0x000000000048E000-memory.dmp

      Filesize

      568KB

      Download

    • memory/4676-137-0x0000000000400000-0x000000000048E000-memory.dmp

      Filesize

      568KB

      Download

    • memory/4676-138-0x0000000000400000-0x000000000048E000-memory.dmp

      Filesize

      568KB

      Download