Overview

overview

7

Static

static

fd446e6a1c...7f.exe

windows7-x64

7

fd446e6a1c...7f.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    186s
  • max time network
    194s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220812-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system
  • submitted
    23-11-2022 21:11

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    fd446e6a1cf9ef91bbf8633c5ea78c4aa4a29a7fda9b178d01dbf8f0570b527f.exe

  • Size

    56KB

  • MD5

    4ec16644ac1f13040a24af8b25b65b8f

  • SHA1

    6d9cb6f7c06be8f728e30b22b13a8262beb4eb09

  • SHA256

    fd446e6a1cf9ef91bbf8633c5ea78c4aa4a29a7fda9b178d01dbf8f0570b527f

  • SHA512

    45ffead756501adb115d34d25b88023d96601468ef1d859490bef1fe5b6fa5dea538124d3c589e4531151dc2ca939574c64111ad8dd70cfceba2ceae8530cfc4

  • SSDEEP

    1536:Oppht6MFI3w4VNYI06oofwfnikOsE/QTZ8LuEE3:OpxL+3PiLofnKE/QT6LuF3

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: EnumeratesProcesses 2 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\fd446e6a1cf9ef91bbf8633c5ea78c4aa4a29a7fda9b178d01dbf8f0570b527f.exe
    "C:\Users\Admin\AppData\Local\Temp\fd446e6a1cf9ef91bbf8633c5ea78c4aa4a29a7fda9b178d01dbf8f0570b527f.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of WriteProcessMemory
    PID:3724
    • C:\Windows\SysWOW64\cmd.exe
      cmd.exe /c ""C:\Users\Admin\AppData\Local\Temp\\uninste5741db.bat" "C:\Users\Admin\AppData\Local\Temp\fd446e6a1cf9ef91bbf8633c5ea78c4aa4a29a7fda9b178d01dbf8f0570b527f.exe""
      2⤵
        PID:4980

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • C:\Users\Admin\AppData\Local\Temp\uninste5741db.bat
      Filesize

      59B

      MD5

      2988b921fbed03f9c93c5d538932bbe3

      SHA1

      4b791b3d59ae76ff091c2cf201b40f5d1b432a3f

      SHA256

      a1769979622d3d25829be12474ad32ccfdfcac59785dac2fc10ae49c300e4ea3

      SHA512

      2920c6e9851973371dc238da1ee3c63d41c7820637856ee92c67e9489c1790e3fad287d229440d124e60b978f6819d04b47c40de9034cbd9de422aaafc2b07f9

      Download Submit

    • memory/3724-132-0x0000000000400000-0x0000000000412000-memory.dmp

      Filesize

      72KB

      Download

    • memory/3724-133-0x0000000000660000-0x0000000000672000-memory.dmp

      Filesize

      72KB

      Download

    • memory/3724-134-0x0000000000400000-0x0000000000412000-memory.dmp

      Filesize

      72KB

      Download

    • memory/3724-136-0x0000000000400000-0x0000000000412000-memory.dmp

      Filesize

      72KB

      Download

    • memory/4980-135-0x0000000000000000-mapping.dmp

      Download