Overview

overview

3

Static

static

2eada44e30...b1.exe

windows7-x64

3

2eada44e30...b1.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    43s
  • max time network
    49s
  • platform
    windows7_x64
  • resource
    win7-20220901-en
  • resource tags

    arch:x64arch:x86image:win7-20220901-enlocale:en-usos:windows7-x64system
  • submitted
    23-11-2022 21:16

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2eada44e3027119b1f12ccb658ce645d6665745832238e418e12c492954051b1.exe

  • Size

    88KB

  • MD5

    537d28fac1652177892c355e5870d160

  • SHA1

    c99f4ac9fc9bca6a24f11788df268380cdc84e54

  • SHA256

    2eada44e3027119b1f12ccb658ce645d6665745832238e418e12c492954051b1

  • SHA512

    107235eab661326ceb82460c7b425da40395c2228b6cbf4b021a78f2e5438d2ca49fb8c3add4b8690049a20444a3e07424fcc36370f8db6b08408fecfa334eab

  • SSDEEP

    1536:NZ/XdoC2teDJMFpFLgOWgg0FZmYvUFOBGZCZ/uBtDD78Ritd+DPfsdpF8jjWT:Hdj2CJMzF95Zmwvltk3R2PfsdTUs

Score
3/10

Malware Config

Signatures

  • Program crash 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2eada44e3027119b1f12ccb658ce645d6665745832238e418e12c492954051b1.exe
    "C:\Users\Admin\AppData\Local\Temp\2eada44e3027119b1f12ccb658ce645d6665745832238e418e12c492954051b1.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1996
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -u -p 1996 -s 72
      2⤵
      • Program crash
      PID:1288

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/1288-55-0x0000000000000000-mapping.dmp

    Download

  • memory/1996-54-0x0000000000400000-0x0000000000416000-memory.dmp

    Filesize

    88KB

    Download