Overview

overview

1

Static

static

3cd11d4602...65.exe

windows7-x64

1

3cd11d4602...65.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    64s
  • max time network
    90s
  • platform
    windows7_x64
  • resource
    win7-20221111-en
  • resource tags

    arch:x64arch:x86image:win7-20221111-enlocale:en-usos:windows7-x64system
  • submitted
    27/11/2022, 10:16

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    3cd11d46022dc3f4886be7bf810a806af0a92589b6795fdbea9bb260fd96e665.exe

  • Size

    525KB

  • MD5

    e2ce48e768a43db848e08d56a080a9b9

  • SHA1

    88f6f94ca4cc55148080d6827305922c8fa839e1

  • SHA256

    3cd11d46022dc3f4886be7bf810a806af0a92589b6795fdbea9bb260fd96e665

  • SHA512

    9bb9b2fdbeb2e250c28c005758df84b53821a5a761bf2a94bf850e17d4cc34c2fdc01c35bdd4bbfa0fd2cc6439062f290cefe02062ee545d32594450804b839d

  • SSDEEP

    12288:K2ZTQHNp1S+2GP7VHaoFR5J1voT+6m0+:rktpoGPBv5J1R55

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 8 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\3cd11d46022dc3f4886be7bf810a806af0a92589b6795fdbea9bb260fd96e665.exe
    "C:\Users\Admin\AppData\Local\Temp\3cd11d46022dc3f4886be7bf810a806af0a92589b6795fdbea9bb260fd96e665.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2028
    • C:\Users\Admin\AppData\Local\Temp\3cd11d46022dc3f4886be7bf810a806af0a92589b6795fdbea9bb260fd96e665.exe
      start
      2⤵
        PID:952
      • C:\Users\Admin\AppData\Local\Temp\3cd11d46022dc3f4886be7bf810a806af0a92589b6795fdbea9bb260fd96e665.exe
        watch
        2⤵
          PID:1360

      Network

            MITRE ATT&CK Matrix

            Replay Monitor

            Loading Replay Monitor...

            Downloads

            • memory/952-60-0x0000000000400000-0x000000000048A000-memory.dmp

              Filesize

              552KB

              Download

            • memory/952-62-0x0000000000400000-0x000000000048A000-memory.dmp

              Filesize

              552KB

              Download

            • memory/1360-61-0x0000000000400000-0x000000000048A000-memory.dmp

              Filesize

              552KB

              Download

            • memory/1360-63-0x0000000000400000-0x000000000048A000-memory.dmp

              Filesize

              552KB

              Download

            • memory/2028-54-0x0000000075511000-0x0000000075513000-memory.dmp

              Filesize

              8KB

              Download

            • memory/2028-59-0x0000000000400000-0x000000000048A000-memory.dmp

              Filesize

              552KB

              Download