Overview

overview

1

Static

static

f8cad2be48...a3.exe

windows7-x64

1

f8cad2be48...a3.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    12s
  • max time network
    30s
  • platform
    windows7_x64
  • resource
    win7-20221111-en
  • resource tags

    arch:x64arch:x86image:win7-20221111-enlocale:en-usos:windows7-x64system
  • submitted
    01-12-2022 15:58

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    f8cad2be48b87230222ad86989c08562fd4c91916f85c2f2defdc7d38ff60ea3.exe

  • Size

    1.1MB

  • MD5

    f77ba0d80e7fa097f9cb896dbeecc630

  • SHA1

    b09ecd44d83854fa4c519abfb8e74b5d59305463

  • SHA256

    f8cad2be48b87230222ad86989c08562fd4c91916f85c2f2defdc7d38ff60ea3

  • SHA512

    bbed0ba077512722a5c055feb8a70bc409b934d20ec0d55a98a74d6c5eb3c2948fff896c73f7d2d72bb1b5679dff804124c79b84cbe9d22ddb7b2bd5e67688e1

  • SSDEEP

    24576:yNEn1IL8KtNOrBxwN4kduYxJEaNDU0QkH7MydImoEw02oQ2y:yNy10aBx4zIKmaR3dImoEwnoQl

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: EnumeratesProcesses 2 IoCs
  • Suspicious use of WriteProcessMemory 6 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\f8cad2be48b87230222ad86989c08562fd4c91916f85c2f2defdc7d38ff60ea3.exe
    "C:\Users\Admin\AppData\Local\Temp\f8cad2be48b87230222ad86989c08562fd4c91916f85c2f2defdc7d38ff60ea3.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of WriteProcessMemory
    PID:828
  • C:\Windows\Explorer.EXE
    C:\Windows\Explorer.EXE
    1⤵
      PID:1244

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/828-54-0x0000000000400000-0x000000000051F000-memory.dmp

      Filesize

      1.1MB

      Download

    • memory/828-55-0x0000000075C41000-0x0000000075C43000-memory.dmp

      Filesize

      8KB

      Download

    • memory/828-56-0x0000000010000000-0x0000000010011000-memory.dmp

      Filesize

      68KB

      Download

    • memory/828-60-0x0000000001E40000-0x0000000001F31000-memory.dmp

      Filesize

      964KB

      Download

    • memory/828-61-0x0000000000400000-0x000000000051F000-memory.dmp

      Filesize

      1.1MB

      Download

    • memory/828-62-0x0000000010000000-0x0000000010011000-memory.dmp

      Filesize

      68KB

      Download

    • memory/828-63-0x0000000000400000-0x000000000051F000-memory.dmp

      Filesize

      1.1MB

      Download

    • memory/1244-57-0x000000007EFC0000-0x000000007EFC6000-memory.dmp

      Filesize

      24KB

      Download