Overview

overview

1

Static

static

f3248f7c69...4f.exe

windows7-x64

1

f3248f7c69...4f.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    316s
  • max time network
    444s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20221111-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20221111-enlocale:en-usos:windows10-2004-x64system
  • submitted
    26-11-2022 16:55

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    f3248f7c69e69fde717fc87a1ee420ce4440d9fb0deac0f72e2959c3c74cb64f.exe

  • Size

    56KB

  • MD5

    f38d936d80c76aeb28a50eecc60d9a3c

  • SHA1

    4083442d2c818e2e48f064247af908eaf8b749cf

  • SHA256

    f3248f7c69e69fde717fc87a1ee420ce4440d9fb0deac0f72e2959c3c74cb64f

  • SHA512

    812f99223b19cccd785cf18083eb640c0b4c309845ba314136690684e454eb229c9218de02c947d3e1abd1e57d9f1ba252006750d69658d390d740260f58771e

  • SSDEEP

    1536:hh9yuexCqz8tFJ9NJ/kutuCADU7yFoqQ88komUavVTskg:hefxCV9NJ/+MqbW8W

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\f3248f7c69e69fde717fc87a1ee420ce4440d9fb0deac0f72e2959c3c74cb64f.exe
    "C:\Users\Admin\AppData\Local\Temp\f3248f7c69e69fde717fc87a1ee420ce4440d9fb0deac0f72e2959c3c74cb64f.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2436
    • C:\Users\Admin\AppData\Local\Temp\f3248f7c69e69fde717fc87a1ee420ce4440d9fb0deac0f72e2959c3c74cb64f.exe
      C:\Users\Admin\AppData\Local\Temp\f3248f7c69e69fde7" 48
      2⤵
        PID:2248

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/2248-132-0x0000000000000000-mapping.dmp

      Download

    • memory/2248-133-0x0000000010000000-0x000000001000C000-memory.dmp

      Filesize

      48KB

      Download