Overview

overview

7

Static

static

f27467e0d5...04.exe

windows7-x64

7

f27467e0d5...04.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    26s
  • max time network
    46s
  • platform
    windows7_x64
  • resource
    win7-20220812-en
  • resource tags

    arch:x64arch:x86image:win7-20220812-enlocale:en-usos:windows7-x64system
  • submitted
    04/12/2022, 05:38

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    f27467e0d529a46f66e1d6afbceed0ec47fa665e05825c8101033c2587855204.exe

  • Size

    16KB

  • MD5

    2aac4976ec8882e17909969a64791b28

  • SHA1

    00f7d5ad3fce0c92d08e179cbf6bdfcbd4d72e75

  • SHA256

    f27467e0d529a46f66e1d6afbceed0ec47fa665e05825c8101033c2587855204

  • SHA512

    db23f83b0ce30ac5b1ceee0fc65a444eebc3ec4b936d89053a2b8da87d9d2e7a6e9942f148c0c10304ffa8ca9d69fbc7f0069339c25cdcff68b88b4d6ec365cc

  • SSDEEP

    96:CXTacedhER/uEq8zH1gWxq2sjq+ArVkxeUIjTT8jtPtboynwEzSm:8aceL8Q8ZgWbFiLUTiP1oynwm

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\f27467e0d529a46f66e1d6afbceed0ec47fa665e05825c8101033c2587855204.exe
    "C:\Users\Admin\AppData\Local\Temp\f27467e0d529a46f66e1d6afbceed0ec47fa665e05825c8101033c2587855204.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:864
    • C:\Windows\SysWOW64\cmd.exe
      cmd /c C:\Users\Admin\AppData\Local\Temp\\del_temp.bat
      2⤵
      • Deletes itself
      PID:1608

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\del_temp.bat
    Filesize

    246B

    MD5

    365c88356db189d5419b6cbec49c64a9

    SHA1

    3846ae8be2f3e24a583916c8b7dc014d7f17a977

    SHA256

    250bb0764ac145d80684dd28c2b3b88e13e6bc349cf2895c00034667ea2f0fdb

    SHA512

    4cdce1e648faccbda736fef95eb85133c49d837f62375835d2c3774341ba54dac4293d7130856d155063eebce65ec3e45b523da0a7c87c67e82af08f6409c0c1

    Download Submit

  • memory/864-54-0x0000000076261000-0x0000000076263000-memory.dmp

    Filesize

    8KB

    Download