Overview

overview

5

Static

static

3d047fd84d...64.exe

windows7-x64

5

3d047fd84d...64.exe

windows10-2004-x64

5

Analysis

  • max time kernel
    91s
  • max time network
    157s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220812-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system
  • submitted
    25-11-2022 15:02

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    3d047fd84d82d40af9325b19372ad9e2ad21b5ef7ad80ae30439f0de10403964.exe

  • Size

    1.3MB

  • MD5

    073ea1a36614a04e4b83df38370cd7e2

  • SHA1

    c04808f924736a193b0129cbe4358b2882edb12a

  • SHA256

    3d047fd84d82d40af9325b19372ad9e2ad21b5ef7ad80ae30439f0de10403964

  • SHA512

    d1f4a3b650a7959722e6b2206dccb49c7eb63cf69edcc9bf642e4c9af554eb0c8482e689016ce3684c2dadd61aeb90ed324be850b4020ca8f5b7888533adcb9f

  • SSDEEP

    24576:4OiZzDXGLFP53UG7bL1HohIE6BvRx0GOb/4+a0q3bhAqtxe9:Ri1DWLFP53UGe76x0ZUphdt

Score
5/10

Malware Config

Signatures

  • Suspicious use of SetThreadContext 1 IoCs
  • Suspicious use of SetWindowsHookEx 5 IoCs
  • Suspicious use of WriteProcessMemory 10 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\3d047fd84d82d40af9325b19372ad9e2ad21b5ef7ad80ae30439f0de10403964.exe
    "C:\Users\Admin\AppData\Local\Temp\3d047fd84d82d40af9325b19372ad9e2ad21b5ef7ad80ae30439f0de10403964.exe"
    1⤵
    • Suspicious use of SetThreadContext
    • Suspicious use of WriteProcessMemory
    PID:4684
    • C:\Users\Admin\AppData\Local\Temp\3d047fd84d82d40af9325b19372ad9e2ad21b5ef7ad80ae30439f0de10403964.exe
      2⤵
      • Suspicious use of SetWindowsHookEx
      PID:3260

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/3260-132-0x0000000000000000-mapping.dmp

    Download

  • memory/3260-133-0x0000000000400000-0x00000000004D8000-memory.dmp

    Filesize

    864KB

    Download

  • memory/3260-134-0x0000000000400000-0x00000000004D8000-memory.dmp

    Filesize

    864KB

    Download

  • memory/3260-135-0x0000000000400000-0x00000000004D8000-memory.dmp

    Filesize

    864KB

    Download

  • memory/3260-136-0x0000000000400000-0x00000000004D8000-memory.dmp

    Filesize

    864KB

    Download

  • memory/3260-137-0x0000000000400000-0x00000000004D8000-memory.dmp

    Filesize

    864KB

    Download

  • memory/3260-138-0x0000000000400000-0x00000000004D8000-memory.dmp

    Filesize

    864KB

    Download