Overview

overview

1

Static

static

4cb833cc1c...74.exe

windows7-x64

1

4cb833cc1c...74.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    46s
  • max time network
    52s
  • platform
    windows7_x64
  • resource
    win7-20220812-en
  • resource tags

    arch:x64arch:x86image:win7-20220812-enlocale:en-usos:windows7-x64system
  • submitted
    23-11-2022 14:22

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    4cb833cc1c218bbb83fe52fc422c34b5346a2c249f7b47e79554ca1561f37574.exe

  • Size

    518KB

  • MD5

    0bc60301ccb90298b885b08175c26c3e

  • SHA1

    bd1cbf7ac7c518dbf46d2675ef92649dbdfa7d44

  • SHA256

    4cb833cc1c218bbb83fe52fc422c34b5346a2c249f7b47e79554ca1561f37574

  • SHA512

    13c9a9175ba9187ab78c5733ae7d7ad80c39b86de67005665beb4e856d49ba0317bef0f97bae3727d5090b51a632c0383e4170efc8d4b75958c24b1b991512a0

  • SSDEEP

    12288:f/RHQXKqBh+zrW/J1DDE+wPUjASES/ya+WJPwTOE3/K+:3K+zrAJ1DwRPuAsz+OPwTv3/K

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 14 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\4cb833cc1c218bbb83fe52fc422c34b5346a2c249f7b47e79554ca1561f37574.exe
    "C:\Users\Admin\AppData\Local\Temp\4cb833cc1c218bbb83fe52fc422c34b5346a2c249f7b47e79554ca1561f37574.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1636
    • C:\Users\Admin\AppData\Local\Temp\4cb833cc1c218bbb83fe52fc422c34b5346a2c249f7b47e79554ca1561f37574.exe
      start
      2⤵
        PID:1356
      • C:\Users\Admin\AppData\Local\Temp\4cb833cc1c218bbb83fe52fc422c34b5346a2c249f7b47e79554ca1561f37574.exe
        watch
        2⤵
          PID:848

      Network

      MITRE ATT&CK Matrix

      Replay Monitor

      Loading Replay Monitor...

      Downloads

      • memory/848-55-0x0000000000000000-mapping.dmp

        Download

      • memory/848-61-0x0000000000400000-0x000000000048B000-memory.dmp

        Filesize

        556KB

        Download

      • memory/848-63-0x0000000000400000-0x000000000048B000-memory.dmp

        Filesize

        556KB

        Download

      • memory/1356-56-0x0000000000000000-mapping.dmp

        Download

      • memory/1356-60-0x0000000000400000-0x000000000048B000-memory.dmp

        Filesize

        556KB

        Download

      • memory/1356-62-0x0000000000400000-0x000000000048B000-memory.dmp

        Filesize

        556KB

        Download

      • memory/1636-54-0x0000000075211000-0x0000000075213000-memory.dmp

        Filesize

        8KB

        Download

      • memory/1636-58-0x0000000000400000-0x000000000048B000-memory.dmp

        Filesize

        556KB

        Download