Overview

overview

1

Static

static

6691a61f6d...d8.exe

windows7-x64

1

6691a61f6d...d8.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    62s
  • max time network
    127s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220901-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20220901-enlocale:en-usos:windows10-2004-x64system
  • submitted
    23-11-2022 15:46

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    6691a61f6dad9a10618d7f0b0655b7d500c0870a39558654e4a41f3f3bcfb1d8.exe

  • Size

    29KB

  • MD5

    ae63b3af3302bb1352e6bad55f7443f7

  • SHA1

    9ab7f53332b1adbbfe251706d7e8698d4719997d

  • SHA256

    6691a61f6dad9a10618d7f0b0655b7d500c0870a39558654e4a41f3f3bcfb1d8

  • SHA512

    3ff1f393b81b8efec933779b6c266995dacb5ad0157a2ab7b81fe4bdf7306a08193312f2e650a91cf4b105d49527ef412a5463243ace24417162cb657e89ceef

  • SSDEEP

    768:geLMhlzjRKiQWgdgmWhtaHxNZbR3Xe9lZ3FD:1AzjRpngfsaHv3eJx

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: EnumeratesProcesses 4 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Windows\Explorer.EXE
    C:\Windows\Explorer.EXE
    1⤵
      PID:2440
      • C:\Users\Admin\AppData\Local\Temp\6691a61f6dad9a10618d7f0b0655b7d500c0870a39558654e4a41f3f3bcfb1d8.exe
        "C:\Users\Admin\AppData\Local\Temp\6691a61f6dad9a10618d7f0b0655b7d500c0870a39558654e4a41f3f3bcfb1d8.exe"
        2⤵
        • Suspicious behavior: EnumeratesProcesses
        • Suspicious use of WriteProcessMemory
        PID:3704

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/2440-133-0x000000007FFF0000-0x000000007FFF7000-memory.dmp

      Filesize

      28KB

      Download

    • memory/3704-132-0x0000000000400000-0x00000000004083A0-memory.dmp

      Filesize

      32KB

      Download

    • memory/3704-134-0x0000000010000000-0x0000000010012000-memory.dmp

      Filesize

      72KB

      Download