Overview

overview

1

Static

static

97065c55c3...89.exe

windows7-x64

1

97065c55c3...89.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    6s
  • max time network
    35s
  • platform
    windows7_x64
  • resource
    win7-20221111-en
  • resource tags

    arch:x64arch:x86image:win7-20221111-enlocale:en-usos:windows7-x64system
  • submitted
    23-11-2022 15:47

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    97065c55c3ba00a6a12250dd81b99d8d4c5519cc22f4fce4c5542ed9a7c6f289.exe

  • Size

    48KB

  • MD5

    290b5a3b9b1fa91bb044b9d4a7b4a48f

  • SHA1

    90733385adba7583caf11fdd54295b4ec8da4719

  • SHA256

    97065c55c3ba00a6a12250dd81b99d8d4c5519cc22f4fce4c5542ed9a7c6f289

  • SHA512

    8e1e522955a6789ab286b08acefe2d7b9df97e086be21ea1aa2903190faa2d9a98842ff393b3cfaf2cb9727edb4dd4e669c0d0a46cf249360f2b75fb5f079f41

  • SSDEEP

    768:4VzTAI319fmgDbTIpKd9als2OACyFmOxuJnwppCslGGnAJzih4tPED4G/uWD:yAufbTIAYOA9mOxvpp/A+AW42kG/uWD

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: EnumeratesProcesses 2 IoCs
  • Suspicious use of WriteProcessMemory 6 IoCs

Processes

  • C:\Windows\Explorer.EXE
    C:\Windows\Explorer.EXE
    1⤵
      PID:1212
      • C:\Users\Admin\AppData\Local\Temp\97065c55c3ba00a6a12250dd81b99d8d4c5519cc22f4fce4c5542ed9a7c6f289.exe
        "C:\Users\Admin\AppData\Local\Temp\97065c55c3ba00a6a12250dd81b99d8d4c5519cc22f4fce4c5542ed9a7c6f289.exe"
        2⤵
        • Suspicious behavior: EnumeratesProcesses
        • Suspicious use of WriteProcessMemory
        PID:1256

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/1212-58-0x000000007EFC0000-0x000000007EFC6000-memory.dmp

      Filesize

      24KB

      Download

    • memory/1256-54-0x0000000075591000-0x0000000075593000-memory.dmp

      Filesize

      8KB

      Download

    • memory/1256-55-0x0000000010000000-0x0000000010011000-memory.dmp

      Filesize

      68KB

      Download

    • memory/1256-56-0x0000000000400000-0x0000000000408000-memory.dmp

      Filesize

      32KB

      Download

    • memory/1256-57-0x0000000010000000-0x0000000010011000-memory.dmp

      Filesize

      68KB

      Download