Overview

overview

1

Static

static

edc5938cb7...81.exe

windows7-x64

1

edc5938cb7...81.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    197s
  • max time network
    184s
  • platform
    windows7_x64
  • resource
    win7-20221111-en
  • resource tags

    arch:x64arch:x86image:win7-20221111-enlocale:en-usos:windows7-x64system
  • submitted
    03/12/2022, 11:31

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    edc5938cb70bd0ce20e99e323eea92e2c67bcfb7e3ff01100cb44b34d4b6c281.exe

  • Size

    126KB

  • MD5

    bed15c7e26d0c05ae5ae6a5ca3cbceb5

  • SHA1

    7eb0191e3a5781e972028d130e0701143de32c2e

  • SHA256

    edc5938cb70bd0ce20e99e323eea92e2c67bcfb7e3ff01100cb44b34d4b6c281

  • SHA512

    fa42b9af6127fa9c1467084d1c9b5b540d9e71a72fcc403964446c57f49a2d56f8ce52434ab1ca3d26953392ec2da4fe443a235f2cd0c12806030622f3886838

  • SSDEEP

    1536:FkQhSDQZ4cdBEUokKqpRxG9oJon9wafZaackC6Es8lWOTsg11bw+45JrPj2Bydng:JOOSfZavkdg1i+Cb2RXH

Score
1/10

Malware Config

Signatures

  • Suspicious use of UnmapMainImage 1 IoCs
  • Suspicious use of WriteProcessMemory 7 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\edc5938cb70bd0ce20e99e323eea92e2c67bcfb7e3ff01100cb44b34d4b6c281.exe
    "C:\Users\Admin\AppData\Local\Temp\edc5938cb70bd0ce20e99e323eea92e2c67bcfb7e3ff01100cb44b34d4b6c281.exe"
    1⤵
    • Suspicious use of UnmapMainImage
    • Suspicious use of WriteProcessMemory
    PID:1340
    • C:\Windows\SysWOW64\svchost.exe
      svchost.exe
      2⤵
        PID:428

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/428-57-0x00000000000C0000-0x00000000000C9000-memory.dmp

      Filesize

      36KB

      Download

    • memory/428-59-0x00000000000C0000-0x00000000000C9000-memory.dmp

      Filesize

      36KB

      Download

    • memory/428-62-0x00000000001B0000-0x00000000001B8000-memory.dmp

      Filesize

      32KB

      Download

    • memory/428-63-0x00000000000C0000-0x00000000000C9000-memory.dmp

      Filesize

      36KB

      Download

    • memory/1340-55-0x00000000001B0000-0x00000000001C2000-memory.dmp

      Filesize

      72KB

      Download

    • memory/1340-54-0x0000000000400000-0x0000000000425000-memory.dmp

      Filesize

      148KB

      Download

    • memory/1340-56-0x0000000000280000-0x0000000000294000-memory.dmp

      Filesize

      80KB

      Download

    • memory/1340-61-0x0000000000280000-0x0000000000294000-memory.dmp

      Filesize

      80KB

      Download