Overview

overview

1

Static

static

82622ab102...46.exe

windows7-x64

1

82622ab102...46.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    152s
  • max time network
    159s
  • platform
    windows7_x64
  • resource
    win7-20221111-en
  • resource tags

    arch:x64arch:x86image:win7-20221111-enlocale:en-usos:windows7-x64system
  • submitted
    29/11/2022, 12:04

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    82622ab1023feeb1ddf918a20b46b9fbd84ad444caad620cc424abfae155dd46.exe

  • Size

    104KB

  • MD5

    6dec363b260989ef06f96855302f3848

  • SHA1

    8c387d1f27ee234d6158b21eb67a72d1bff3c72e

  • SHA256

    82622ab1023feeb1ddf918a20b46b9fbd84ad444caad620cc424abfae155dd46

  • SHA512

    3c025cd74e94b16bff767ae0282acf3a15dd0fd20716c6e9a50b5504fbacae1b6126ecd56fd1e923c8e46b7dd6fae9e2a3564f99dc11c1cb32f0358ff2605224

  • SSDEEP

    1536:KTbpUIRVQupk9qd7EKH67o9Ou7Z8CaLY8QYi3c5Ur0ldD3k2EN5IX2QAviGG8n5e:KnptWYW+sLJQ3NyQEublLa

Score
1/10

Malware Config

Signatures

  • Suspicious use of UnmapMainImage 1 IoCs
  • Suspicious use of WriteProcessMemory 7 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\82622ab1023feeb1ddf918a20b46b9fbd84ad444caad620cc424abfae155dd46.exe
    "C:\Users\Admin\AppData\Local\Temp\82622ab1023feeb1ddf918a20b46b9fbd84ad444caad620cc424abfae155dd46.exe"
    1⤵
    • Suspicious use of UnmapMainImage
    • Suspicious use of WriteProcessMemory
    PID:1356
    • C:\Windows\SysWOW64\svchost.exe
      svchost.exe
      2⤵
        PID:1440

    Network

          MITRE ATT&CK Matrix

          Replay Monitor

          Loading Replay Monitor...

          Downloads

          • memory/1356-54-0x0000000075091000-0x0000000075093000-memory.dmp

            Filesize

            8KB

            Download

          • memory/1356-59-0x0000000000400000-0x0000000000414000-memory.dmp

            Filesize

            80KB

            Download

          • memory/1356-60-0x0000000000230000-0x0000000000233000-memory.dmp

            Filesize

            12KB

            Download

          • memory/1440-55-0x0000000000080000-0x0000000000089000-memory.dmp

            Filesize

            36KB

            Download

          • memory/1440-57-0x0000000000080000-0x0000000000089000-memory.dmp

            Filesize

            36KB

            Download

          • memory/1440-61-0x0000000000380000-0x0000000000388000-memory.dmp

            Filesize

            32KB

            Download

          • memory/1440-62-0x0000000000080000-0x0000000000089000-memory.dmp

            Filesize

            36KB

            Download