Overview

overview

5

Static

static

7f30a8eb5d...25.exe

windows7-x64

5

7f30a8eb5d...25.exe

windows10-2004-x64

5

Analysis

  • max time kernel
    183s
  • max time network
    202s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20221111-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20221111-enlocale:en-usos:windows10-2004-x64system
  • submitted
    24-11-2022 19:35

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    7f30a8eb5d50ef929121f26399fb75ced018c0674bf95752fff7494f2e8ca625.exe

  • Size

    1.3MB

  • MD5

    8eaf9c5a8a09d5a7aa0b8415b4209c4c

  • SHA1

    e0d760a0d8a53817dbda861200bc162aa09568ca

  • SHA256

    7f30a8eb5d50ef929121f26399fb75ced018c0674bf95752fff7494f2e8ca625

  • SHA512

    251785956c8d1a624209592fb16f243fafaa8877d46ec7530395b7e73bdd6770931abfd565711521685e109fcfec856be6ac6e273215007ee45cfeba2c3da4e1

  • SSDEEP

    24576:7rKqlGCPcJKwybUDwEZZODYmR9G+gnbkk6XRJfe3DqYO/KpLwFfngWX4VmJPakU:7rKo4ZwCOnYjVmJPaT

Score
5/10

Malware Config

Signatures

  • Suspicious use of SetThreadContext 1 IoCs
  • Suspicious use of SetWindowsHookEx 5 IoCs
  • Suspicious use of WriteProcessMemory 10 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\7f30a8eb5d50ef929121f26399fb75ced018c0674bf95752fff7494f2e8ca625.exe
    "C:\Users\Admin\AppData\Local\Temp\7f30a8eb5d50ef929121f26399fb75ced018c0674bf95752fff7494f2e8ca625.exe"
    1⤵
    • Suspicious use of SetThreadContext
    • Suspicious use of WriteProcessMemory
    PID:4164
    • C:\Users\Admin\AppData\Local\Temp\7f30a8eb5d50ef929121f26399fb75ced018c0674bf95752fff7494f2e8ca625.exe
      2⤵
      • Suspicious use of SetWindowsHookEx
      PID:1848

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/1848-132-0x0000000000000000-mapping.dmp

    Download

  • memory/1848-133-0x0000000000400000-0x00000000004D9000-memory.dmp

    Filesize

    868KB

    Download

  • memory/1848-134-0x0000000000400000-0x00000000004D9000-memory.dmp

    Filesize

    868KB

    Download

  • memory/1848-135-0x0000000000400000-0x00000000004D9000-memory.dmp

    Filesize

    868KB

    Download

  • memory/1848-136-0x0000000000400000-0x00000000004D9000-memory.dmp

    Filesize

    868KB

    Download

  • memory/1848-137-0x0000000000400000-0x00000000004D9000-memory.dmp

    Filesize

    868KB

    Download