Overview

overview

1

Static

static

30f885a13b...14.exe

windows7-x64

1

30f885a13b...14.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    136s
  • max time network
    146s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220812-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system
  • submitted
    24/11/2022, 03:11

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    30f885a13b8d71bb1ccb73e5dee2d44010d3eff16ed4840d25cb0bd080d90e14.exe

  • Size

    484KB

  • MD5

    bb1541b4b77ff9d527ab0b2c174d1970

  • SHA1

    956c94b21c9ee1be082e1d2e891c25f3a6d5bfaa

  • SHA256

    30f885a13b8d71bb1ccb73e5dee2d44010d3eff16ed4840d25cb0bd080d90e14

  • SHA512

    4f013d6cf2d93013d9aa6ee5e7b49d299761dc03d560bb2d4f1883d287de8ce25c75a17686a882ba72ef807181486fc2ed491567f7531ec4a7ec1b77896441e3

  • SSDEEP

    6144:KiDS3aHcV42Bsa0evXjwFt5ZwCI4ISZTeJqhZbblcC+bXhpZ80ag5oWaCAycGtff:KUeaCBsVevXUwCH7SOsWWatycGtGi

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 6 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\30f885a13b8d71bb1ccb73e5dee2d44010d3eff16ed4840d25cb0bd080d90e14.exe
    "C:\Users\Admin\AppData\Local\Temp\30f885a13b8d71bb1ccb73e5dee2d44010d3eff16ed4840d25cb0bd080d90e14.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:4500
    • C:\Users\Admin\AppData\Local\Temp\30f885a13b8d71bb1ccb73e5dee2d44010d3eff16ed4840d25cb0bd080d90e14.exe
      start
      2⤵
        PID:4184
      • C:\Users\Admin\AppData\Local\Temp\30f885a13b8d71bb1ccb73e5dee2d44010d3eff16ed4840d25cb0bd080d90e14.exe
        watch
        2⤵
          PID:4764

      Network

            MITRE ATT&CK Matrix

            Replay Monitor

            Loading Replay Monitor...

            Downloads

            • memory/4184-137-0x0000000000400000-0x000000000047E000-memory.dmp

              Filesize

              504KB

              Download

            • memory/4184-140-0x0000000000400000-0x000000000047E000-memory.dmp

              Filesize

              504KB

              Download

            • memory/4500-135-0x0000000000400000-0x000000000047E000-memory.dmp

              Filesize

              504KB

              Download

            • memory/4500-134-0x0000000000400000-0x000000000047E000-memory.dmp

              Filesize

              504KB

              Download

            • memory/4500-139-0x0000000000400000-0x000000000047E000-memory.dmp

              Filesize

              504KB

              Download

            • memory/4764-136-0x0000000000400000-0x000000000047E000-memory.dmp

              Filesize

              504KB

              Download

            • memory/4764-138-0x0000000000400000-0x000000000047E000-memory.dmp

              Filesize

              504KB

              Download

            • memory/4764-141-0x0000000000400000-0x000000000047E000-memory.dmp

              Filesize

              504KB

              Download