Overview

overview

4

Static

static

c7f9444384...ae.exe

windows7-x64

4

c7f9444384...ae.exe

windows10-2004-x64

4

Analysis

  • max time kernel
    139s
  • max time network
    155s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220812-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system
  • submitted
    01-12-2022 08:38

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    c7f94443841c41c3fd0af80850aefbbdbc75f99839b28715fde43f35382c80ae.exe

  • Size

    84KB

  • MD5

    b2d7f84be61e1e5da9527302bef4c905

  • SHA1

    06bc9ef3470b1428e97e790ca9f21ab84f9dbcca

  • SHA256

    c7f94443841c41c3fd0af80850aefbbdbc75f99839b28715fde43f35382c80ae

  • SHA512

    33106dec57cda2a224499a06fe1bb58b2ca0a710ca671d8b315ece68303f930ea583d42357d3fbef45673e31cb68d788502001eae7d1e746dc9c8a4669268131

  • SSDEEP

    1536:qwm8nBjqs32bxPpBRy32Z6gJlyiKqVo6EUK:5m8nBjTmbxRBRN6WYiKqVo6ZK

Score
4/10

Malware Config

Signatures

  • Drops file in Windows directory 4 IoCs
  • Suspicious behavior: EnumeratesProcesses 2 IoCs
  • Suspicious use of WriteProcessMemory 1 IoCs

Processes

  • C:\Windows\Explorer.EXE
    C:\Windows\Explorer.EXE
    1⤵
      PID:3036
      • C:\Users\Admin\AppData\Local\Temp\c7f94443841c41c3fd0af80850aefbbdbc75f99839b28715fde43f35382c80ae.exe
        "C:\Users\Admin\AppData\Local\Temp\c7f94443841c41c3fd0af80850aefbbdbc75f99839b28715fde43f35382c80ae.exe"
        2⤵
        • Drops file in Windows directory
        • Suspicious behavior: EnumeratesProcesses
        • Suspicious use of WriteProcessMemory
        PID:2180

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads