Analysis

  • max time kernel
    42s
  • max time network
    46s
  • platform
    windows7_x64
  • resource
    win7-20220901-en
  • resource tags

    arch:x64 arch:x86 image:win7-20220901-en locale:en-us os:windows7-x64 system
  • submitted
    26-11-2022 22:38

General

  • Target

    82af83953ed6e327832707fd71d674ef52bbd6c3d988364b6742ed73c0254ac4.exe

  • Size

    36KB

  • MD5

    4fecea06f5d8a27e6a007fbfe9773674

  • SHA1

    e94fe7bcd4aa680430e52fee4d9153434d1b1bb6

  • SHA256

    82af83953ed6e327832707fd71d674ef52bbd6c3d988364b6742ed73c0254ac4

  • SHA512

    81e650a71e55d26b5c93c27fb6d9530f6ded36feeb82f1e747a736fc2bbca62952a4b1bf7aed57ad1e352b7b66cc17cf6a20fc738cc9d8220f6deface8287c97

  • SSDEEP

    384:HB9xbFxe2Xbk3j32CC7eB6OA5gVQSIYqQ161IWn5xiuqyMLH4AMZ61WWDk:hbXbkTY7E6OOYT18rPBaLH4HZ8do

Score
3/10

Malware Config

Signatures

  • Program crash 1 IoCs
  • Suspicious use of SetWindowsHookEx 2 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\82af83953ed6e327832707fd71d674ef52bbd6c3d988364b6742ed73c0254ac4.exe
    "C:\Users\Admin\AppData\Local\Temp\82af83953ed6e327832707fd71d674ef52bbd6c3d988364b6742ed73c0254ac4.exe"
    1⤵
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1000
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -u -p 1000 -s 280
      2⤵
      • Program crash
      PID:928

Network

MITRE ATT&CK Matrix

Downloads

  • memory/1000-54-0x0000000076561000-0x0000000076563000-memory.dmp

    Filesize

    8KB