Overview

overview

7

Static

static

b29978fbfe...e7.exe

windows7-x64

7

b29978fbfe...e7.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    160s
  • max time network
    178s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220812-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system
  • submitted
    04/12/2022, 12:55

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    b29978fbfe57da26d17b903e1bc4704082520c371f98bbb4992af04b250d43e7.exe

  • Size

    47KB

  • MD5

    205de5f1dd2bdb8dccbf138cdb5606b0

  • SHA1

    8057f7e95d26b7a48a35183532333845e6d0002d

  • SHA256

    b29978fbfe57da26d17b903e1bc4704082520c371f98bbb4992af04b250d43e7

  • SHA512

    0f00d3d0dcec66379055e4154395d24c4092f324ca4f867c468bf851005389299cb7d299776ad15ea97d3b1f6b5cc2977c4eb2ae43fd3632218b2c7acd15d588

  • SSDEEP

    768:k67lIqlqeeda+QzZPJaVHGkXNRDcXb0vhkPUofw1gCDHVtZjg7TI7IZT247orZA4:k2lIqMe2eWN1cLmkPUeJCD1DjHCT24e9

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\b29978fbfe57da26d17b903e1bc4704082520c371f98bbb4992af04b250d43e7.exe
    "C:\Users\Admin\AppData\Local\Temp\b29978fbfe57da26d17b903e1bc4704082520c371f98bbb4992af04b250d43e7.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1380
    • C:\Windows\SysWOW64\cmd.exe
      C:\Windows\system32\cmd.exe /c delexec.bat
      2⤵
        PID:2128

    Network

          MITRE ATT&CK Matrix

          Replay Monitor

          Loading Replay Monitor...

          Downloads

          • C:\Users\Admin\AppData\Local\Temp\delexec.bat
            Filesize

            127B

            MD5

            614d98be54d4e79f1e866f1542212824

            SHA1

            cb7eb0c17395ee8ea8b876e93bce2215325c80a9

            SHA256

            283cb4694946b80891b3b3694dac02497770f1f7ba5d424c8216a91541c27390

            SHA512

            b6a25d8a1853bead0b90feeb581102a8811b0ba7339547b095cc52782978beaed096dee429a092d01eeb75a52b4d5fc4d78a9ebfbb88c69e7bf62149bb486673

            Download Submit

          • memory/1380-132-0x0000000000400000-0x0000000000426000-memory.dmp

            Filesize

            152KB

            Download

          • memory/1380-134-0x0000000000400000-0x0000000000426000-memory.dmp

            Filesize

            152KB

            Download