Analysis

  • max time kernel
    21s
  • max time network
    46s
  • platform
    windows7_x64
  • resource
    win7-20220812-en
  • resource tags

    arch:x64, arch:x86, image:win7-20220812-en, locale:en-us, os:windows7-x64, system
  • submitted
    04-12-2022 01:59

General

  • Target

    b05970f3f0e7a9cc703286c8e8a16b70865901fab4fc2fa3eeb175f47c15fcc3.exe

  • Size

    360KB

  • MD5

    5f983613bc8a87df1e2aa857d16e575a

  • SHA1

    2b3e5d8cb277d78007977a2cc08b14ce68062fc1

  • SHA256

    b05970f3f0e7a9cc703286c8e8a16b70865901fab4fc2fa3eeb175f47c15fcc3

  • SHA512

    be30adb5c3ecf37852abc7466641589c888d38ceab709f326b4c8ff5bda2b51ceb1f1f3e9e17084a01322ccd9b3f28787f583c19e9d8e1f1cdf519c55d8fdb0a

  • SSDEEP

    3072:TlHBHBMhAhvjcxpjF3hAhvjcxpjFWvYUdnsttEvYUdnsttJbOU+bOUA1PD1PtJmk:Ghmc3R3hmc3RWvneGvnezy5yBxFYgQ1

Score
1/10

Malware Config

Signatures

  • Suspicious use of FindShellTrayWindow 2 IoCs
  • Suspicious use of SendNotifyMessage 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\b05970f3f0e7a9cc703286c8e8a16b70865901fab4fc2fa3eeb175f47c15fcc3.exe
    "C:\Users\Admin\AppData\Local\Temp\b05970f3f0e7a9cc703286c8e8a16b70865901fab4fc2fa3eeb175f47c15fcc3.exe"
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    PID:1124

Network

MITRE ATT&CK Matrix


Downloads

  • memory/1124-54-0x000007FEF4940000-0x000007FEF5363000-memory.dmp

    Filesize

    10.1MB

  • memory/1124-55-0x000007FEEE8C0000-0x000007FEEF956000-memory.dmp

    Filesize

    16.6MB

  • memory/1124-56-0x0000000000A46000-0x0000000000A65000-memory.dmp

    Filesize

    124KB
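The dump file names above encode the process ID, a running index and the start and end addresses of the dumped region, so the listed Filesize can be cross-checked against the address range before anything is opened in a debugger. The script below is an added example, not part of the sandbox report: it parses those names, recomputes each size and compares it with the reported value, and tags the address range (the 0x000007FE... range is where 64-bit system DLL images normally sit on Windows 7 x64). The `<pid>-<index>-<start>-<end>-memory.dmp` layout is inferred from the three names on this page, not taken from a documented specification, and the three entries are copied in as constructed input.

```python
import re
from dataclasses import dataclass

# Constructed input: the three dump names and the sizes the report lists
# beside them (copied from the Downloads section above).
DUMPS = {
    "memory/1124-54-0x000007FEF4940000-0x000007FEF5363000-memory.dmp": "10.1MB",
    "memory/1124-55-0x000007FEEE8C0000-0x000007FEEF956000-memory.dmp": "16.6MB",
    "memory/1124-56-0x0000000000A46000-0x0000000000A65000-memory.dmp": "124KB",
}

# <pid>-<index>-0x<start>-0x<end>-memory.dmp. Assumption: this layout is
# inferred from the names on the page, not from a documented format.
NAME_RE = re.compile(
    r"^memory/(?P<pid>\d+)-(?P<idx>\d+)-"
    r"0x(?P<start>[0-9A-Fa-f]{16})-0x(?P<end>[0-9A-Fa-f]{16})-memory\.dmp$"
)


@dataclass(frozen=True)
class Region:
    pid: int
    index: int
    start: int
    end: int

    @property
    def size(self) -> int:
        return self.end - self.start


def parse_dump_name(name: str) -> Region:
    """Parse one dump file name; reject names that cannot describe a real region."""
    m = NAME_RE.match(name)
    if not m:
        raise ValueError(f"unrecognised dump name: {name}")
    r = Region(int(m["pid"]), int(m["idx"]), int(m["start"], 16), int(m["end"], 16))
    # A dumped region must be non-empty and page (0x1000) aligned on both ends.
    if r.end <= r.start or r.start % 0x1000 or r.end % 0x1000:
        raise ValueError(f"implausible region bounds: {name}")
    return r


def human_size(n: int) -> str:
    """Binary units rounded the way the report prints them ("10.1MB", "124KB")."""
    if n >= 1 << 20:
        return f"{n / (1 << 20):.1f}MB"
    return f"{n / 1024:.0f}KB"


def classify(r: Region) -> str:
    """Coarse tag for where in user space the region lies (heuristic, not a report field)."""
    if 0x000007FE00000000 <= r.start < 0x000007FF00000000:
        return "high user-space range (typical for 64-bit system DLL images on Win7 x64)"
    if r.start < 0x80000000:
        return "low user-space range (image, heap or private data)"
    return "other user-space range"


def verify(dumps=DUMPS):
    """Recompute each region's size and compare it with the size the report lists."""
    rows = []
    for name, reported in dumps.items():
        r = parse_dump_name(name)
        computed = human_size(r.size)
        rows.append({
            "name": name, "pid": r.pid, "index": r.index, "size": r.size,
            "computed": computed, "reported": reported,
            "match": computed == reported, "range": classify(r),
        })
    return rows


if __name__ == "__main__":
    for row in verify():
        status = "OK      " if row["match"] else "MISMATCH"
        print(f"{status} pid={row['pid']} #{row['index']} {row['size']:>10,d} B "
              f"computed={row['computed']} reported={row['reported']}  {row['range']}")
```

All three listed sizes agree with their address ranges (0xA23000, 0x1096000 and 0x1F000 bytes). A mismatch would point at a truncated or partially written dump and is worth knowing before trusting strings or YARA hits from that file.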