Overview

overview

10

Static

static

9bd407c773...77.exe

windows7-x64

10

9bd407c773...77.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    187s
  • max time network
    192s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220812-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system
  • submitted
    01-12-2022 00:34

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    9bd407c77373ec66f798ade73998efcaab8b4f5cd8ccadb26ae9efd81d362b77.exe

  • Size

    416KB

  • MD5

    c64445ea610f9f6dd341268ce5851357

  • SHA1

    2ae1bd7236e343bd94aef8abcdeea88dbb824ed6

  • SHA256

    9bd407c77373ec66f798ade73998efcaab8b4f5cd8ccadb26ae9efd81d362b77

  • SHA512

    6019002b586470d1d53f0e8306b9dec82f4dee22188413b29683677119b8ee2b0d012e209108f1c5cf35996bdca9a4508c81ff140be8270fea6327739dbef703

  • SSDEEP

    6144:bRFKlSlqxO5s+Mv2gbyzV/d5prKrLfvIe2Vlsyd/sLn5TG5B:KlSl2oIvHi/d5MMr5d/sLhG5B

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\9bd407c77373ec66f798ade73998efcaab8b4f5cd8ccadb26ae9efd81d362b77.exe
    "C:\Users\Admin\AppData\Local\Temp\9bd407c77373ec66f798ade73998efcaab8b4f5cd8ccadb26ae9efd81d362b77.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2316
    • C:\Users\Admin\AppData\Local\Temp\9bd407c77373ec66f798ade73998efcaab8b4f5cd8ccadb26ae9efd81d362b77.exe
      "C:\Users\Admin\AppData\Local\Temp\9bd407c77373ec66f798ade73998efcaab8b4f5cd8ccadb26ae9efd81d362b77.exe"
      2⤵
        PID:512

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/512-133-0x0000000000000000-mapping.dmp
      Download
    • memory/2316-132-0x0000000000400000-0x000000000046C000-memory.dmp
      Filesize

      432KB

      Download
    • memory/2316-134-0x0000000000400000-0x000000000046C000-memory.dmp
      Filesize

      432KB

      Download