ee1cedc07a43f6015063491a29a0f09fa88b946dfa28f7e7bcf666a03d26b86d | Triage

Analysis

max time kernel
44s
max time network
49s
platform
windows7_x64
resource
win7-20220901-en
resource tags

arch:x64arch:x86image:win7-20220901-enlocale:en-usos:windows7-x64system
submitted
25-11-2022 20:36

Sharing

Report Analysis Logs

General

Target

iis110monfree/IIS监控器(系统监控)/iis110mon.exe
Size

432KB
MD5

8424dbd142768e29444bda3507f207fe
SHA1

fa5e71f16377a05adadd9bc21a193460ea8b520f
SHA256

e64ec5dae2ad5442000944a8a0f91d600092a4f64f953312f15cc180cf781286
SHA512

1b236642ea8c9f8680cd2e906b90e7c207619db424e75bdb72395ed4b53bcda9b033b363c73da2d8e6c8c8d66e91a09e469bb99d3504abcb726e31d220ddc25d
SSDEEP

12288:YigdXlwIHc/Ik2P4LtfmYz5m0gqdQsXY:HgdXlwIQPmgnrd

Score

1^/10

Malware Config

Signatures

Suspicious behavior: EnumeratesProcesses 1 IoCs

pid	Process
1348	iis110mon.exe

C:\Users\Admin\AppData\Local\Temp\iis110monfree\IIS监控器(系统监控)\iis110mon.exe
"C:\Users\Admin\AppData\Local\Temp\iis110monfree\IIS监控器(系统监控)\iis110mon.exe"
1⤵
- Suspicious behavior: EnumeratesProcesses
PID:1348

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1348-54-0x0000000075601000-0x0000000075603000-memory.dmp

Filesize
8KB

Download
memory/1348-55-0x0000000000400000-0x0000000000498000-memory.dmp

Filesize
608KB

Download
memory/1348-56-0x00000000002C0000-0x00000000002EF000-memory.dmp

Filesize
188KB

Download
memory/1348-57-0x00000000002C0000-0x00000000002EF000-memory.dmp

Filesize
188KB

Download