Overview

overview

4

Static

static

04e851861d...60.exe

windows7-x64

4

04e851861d...60.exe

windows10-2004-x64

4

Analysis

  • max time kernel
    60s
  • max time network
    124s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220901-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20220901-enlocale:en-usos:windows10-2004-x64system
  • submitted
    01/12/2022, 08:54

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    04e851861d4981a2fcf2d569143c1fcf8a55456fdb81f99b17c766034f698160.exe

  • Size

    84KB

  • MD5

    fcb5c90f80c834a16ca5dcb4f4b9f408

  • SHA1

    c9599e6280de777e459683ee3de1e1712b8d91f6

  • SHA256

    04e851861d4981a2fcf2d569143c1fcf8a55456fdb81f99b17c766034f698160

  • SHA512

    830a34a4443c96709e6e7a34c822a2ee8fd9bead06ebc9425b8a7f3fa1f328e09a9a4288357488150f86c9c8c818cf0a7b36454471befe02a80054e8c3e20448

  • SSDEEP

    1536:qwm8nBjqs32bxPpBRy32Z6gJlyiKqVo6EUq:5m8nBjTmbxRBRN6WYiKqVo6Zq

Score
4/10

Malware Config

Signatures

  • Drops file in Windows directory 4 IoCs
  • Suspicious behavior: EnumeratesProcesses 2 IoCs
  • Suspicious use of WriteProcessMemory 1 IoCs

Processes

  • C:\Windows\Explorer.EXE
    C:\Windows\Explorer.EXE
    1⤵
      PID:776
      • C:\Users\Admin\AppData\Local\Temp\04e851861d4981a2fcf2d569143c1fcf8a55456fdb81f99b17c766034f698160.exe
        "C:\Users\Admin\AppData\Local\Temp\04e851861d4981a2fcf2d569143c1fcf8a55456fdb81f99b17c766034f698160.exe"
        2⤵
        • Drops file in Windows directory
        • Suspicious behavior: EnumeratesProcesses
        • Suspicious use of WriteProcessMemory
        PID:2960

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads