Analysis

  • max time kernel
    43s
  • max time network
    46s
  • platform
    windows7_x64
  • resource
    win7-20220812-en
  • resource tags

    arch:x64arch:x86image:win7-20220812-enlocale:en-usos:windows7-x64system
  • submitted
    27/11/2022, 10:44 UTC

General

  • Target

    27270ac73a4646bb6856fef535f555d6193fc763e90326c5c65aa48ae2b9f67e.exe

  • Size

    73KB

  • MD5

    70a618bd04328bbb110d1208962a99e7

  • SHA1

    b25e030bf9f80748201f522e7aff4320d182045e

  • SHA256

    27270ac73a4646bb6856fef535f555d6193fc763e90326c5c65aa48ae2b9f67e

  • SHA512

    86386aba85fd4037497c23954b447795a86399b121c938dd62ee3b00ad0df2201502c10e6f0240b52168b1c8c3baa0dfd5a332b3cefb1dd95540d23a1220ec64

  • SSDEEP

    768:/0l6fk0Ykrxxrzh904BPk3yeDjzexnQi2/jcpVA3B6UX:Ml6rxrxxrT04u+xnQlwpS3B6g

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\27270ac73a4646bb6856fef535f555d6193fc763e90326c5c65aa48ae2b9f67e.exe
    "C:\Users\Admin\AppData\Local\Temp\27270ac73a4646bb6856fef535f555d6193fc763e90326c5c65aa48ae2b9f67e.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1676
    • C:\Windows\Microsoft.NET\Framework\v2.0.50727\dw20.exe
      dw20.exe -x -s 412
      2⤵
        PID:1204

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/1676-54-0x0000000075E31000-0x0000000075E33000-memory.dmp

      Filesize

      8KB

    • memory/1676-57-0x0000000074C30000-0x00000000751DB000-memory.dmp

      Filesize

      5.7MB

    • memory/1676-58-0x0000000074C30000-0x00000000751DB000-memory.dmp

      Filesize

      5.7MB

    We care about your privacy.

    This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.