Analysis

  • max time kernel
    19s
  • max time network
    36s
  • platform
    windows7_x64
  • resource
    win7-20221111-en
  • resource tags

    arch:x64arch:x86image:win7-20221111-enlocale:en-usos:windows7-x64system
  • submitted
    23-11-2022 18:48

General

  • Target

    远程监控/主控端备份.exe

  • Size

    315KB

  • MD5

    b4bf173787b6b8da8b2270d010520f4f

  • SHA1

    e2c5df21bbf3e6477936c91b1ace2b03637371c1

  • SHA256

    fca64a65722bfc0769cd59e26bf07b337492ab74f71e9865b5f5daf4ddf62467

  • SHA512

    d0e2b77bf757bc1ad63d31bf5a304be0e093214296eaeb1d6db0be7538ea357f0fec8487e61e535d8880e4a8642b829a385005f9253163a79f839566076ba845

  • SSDEEP

    6144:lhRpa8P4auAQ3YWp5cbGlmXCCv7NoKJFHENqmVTXDHI9zHoS1DP:LaKJgFp5gqmXCI7ZHUqWTD+lDP

Score
3/10

Malware Config

Signatures

Processes

  • C:\Users\Admin\AppData\Local\Temp\远程监控\主控端备份.exe
    "C:\Users\Admin\AppData\Local\Temp\远程监控\主控端备份.exe"
    1⤵
      PID:2040

    Network

    MITRE ATT&CK Enterprise v6

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/2040-54-0x0000000076041000-0x0000000076043000-memory.dmp

      Filesize

      8KB