Overview

overview

1

Static

static

446cce33a0...e0.exe

windows7-x64

1

446cce33a0...e0.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    137s
  • max time network
    170s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220812-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system
  • submitted
    23-11-2022 14:28

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    446cce33a0e6f7ce1c4b1f750a85e6bd444b73fb903ed8ac4e722d4c617cb3e0.exe

  • Size

    522KB

  • MD5

    be270c63e7c33d353dcd6e0639709345

  • SHA1

    9645252cb38ae32bf20f000023942d3b01852356

  • SHA256

    446cce33a0e6f7ce1c4b1f750a85e6bd444b73fb903ed8ac4e722d4c617cb3e0

  • SHA512

    89f87edc0cad4073569396b29b12c13db9c8f8bd5d8be2482ececa50a2fe341774c2d6fdce5b4f87be7ec1d4827bb8bc208a901d9ae723b08ab160bd6ddd57dd

  • SSDEEP

    6144:WKGeH6Xm5Bum1ZEhrjCU031OFbRbet2jhahQiXoSk9vlAfmQy1CrxQqD9RSaSz++:T0r8Efvle2hahbX4AFy18xQqpx8O5v

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 6 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\446cce33a0e6f7ce1c4b1f750a85e6bd444b73fb903ed8ac4e722d4c617cb3e0.exe
    "C:\Users\Admin\AppData\Local\Temp\446cce33a0e6f7ce1c4b1f750a85e6bd444b73fb903ed8ac4e722d4c617cb3e0.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2416
    • C:\Users\Admin\AppData\Local\Temp\446cce33a0e6f7ce1c4b1f750a85e6bd444b73fb903ed8ac4e722d4c617cb3e0.exe
      start
      2⤵
        PID:4332
      • C:\Users\Admin\AppData\Local\Temp\446cce33a0e6f7ce1c4b1f750a85e6bd444b73fb903ed8ac4e722d4c617cb3e0.exe
        watch
        2⤵
          PID:1916

      Network

      MITRE ATT&CK Matrix

      Replay Monitor

      Loading Replay Monitor...

      Downloads

      • memory/1916-133-0x0000000000000000-mapping.dmp

        Download

      • memory/1916-136-0x0000000000400000-0x000000000048C000-memory.dmp

        Filesize

        560KB

        Download

      • memory/1916-138-0x0000000000400000-0x000000000048C000-memory.dmp

        Filesize

        560KB

        Download

      • memory/1916-141-0x0000000000400000-0x000000000048C000-memory.dmp

        Filesize

        560KB

        Download

      • memory/2416-132-0x0000000000400000-0x000000000048C000-memory.dmp

        Filesize

        560KB

        Download

      • memory/2416-135-0x0000000000400000-0x000000000048C000-memory.dmp

        Filesize

        560KB

        Download

      • memory/4332-134-0x0000000000000000-mapping.dmp

        Download

      • memory/4332-137-0x0000000000400000-0x000000000048C000-memory.dmp

        Filesize

        560KB

        Download

      • memory/4332-139-0x0000000000400000-0x000000000048C000-memory.dmp

        Filesize

        560KB

        Download

      • memory/4332-140-0x0000000000400000-0x000000000048C000-memory.dmp

        Filesize

        560KB

        Download