Overview

overview

1

Static

static

bf7281972b...3e.exe

windows7-x64

1

bf7281972b...3e.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    45s
  • max time network
    50s
  • platform
    windows7_x64
  • resource
    win7-20220901-en
  • resource tags

    arch:x64arch:x86image:win7-20220901-enlocale:en-usos:windows7-x64system
  • submitted
    05-12-2022 07:07

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    bf7281972baa4d27494d35507609eacefc9365a4211ac51484a12553b8ba043e.exe

  • Size

    2.6MB

  • MD5

    b316a2da862ef539626bfe64a30d723b

  • SHA1

    5b5995e0a536f32dd25f2c9aabbb544772620247

  • SHA256

    bf7281972baa4d27494d35507609eacefc9365a4211ac51484a12553b8ba043e

  • SHA512

    2685437f945a1bf42114c5e97643e41513c555956072d2c1b9940bb1a5292cae81a445b5e73ef4575a4b9193a6a1f56fe8da9950590cde01eecf5e731f046459

  • SSDEEP

    49152:iK+jszfM+lrD2eFqfC90vYFOj28lQmtxbyaPWkj:iK+jszx1D2SqfxBN32abj

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: EnumeratesProcesses 3 IoCs
  • Suspicious use of WriteProcessMemory 6 IoCs

Processes

  • C:\Windows\Explorer.EXE
    C:\Windows\Explorer.EXE
    1⤵
      PID:1392
      • C:\Users\Admin\AppData\Local\Temp\bf7281972baa4d27494d35507609eacefc9365a4211ac51484a12553b8ba043e.exe
        "C:\Users\Admin\AppData\Local\Temp\bf7281972baa4d27494d35507609eacefc9365a4211ac51484a12553b8ba043e.exe"
        2⤵
        • Suspicious behavior: EnumeratesProcesses
        • Suspicious use of WriteProcessMemory
        PID:1464

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/1392-61-0x000000007EFC0000-0x000000007EFC6000-memory.dmp

      Filesize

      24KB

      Download

    • memory/1464-55-0x00000000758B1000-0x00000000758B3000-memory.dmp

      Filesize

      8KB

      Download

    • memory/1464-56-0x0000000000400000-0x0000000000B3D000-memory.dmp

      Filesize

      7.2MB

      Download

    • memory/1464-57-0x0000000002600000-0x0000000002710000-memory.dmp

      Filesize

      1.1MB

      Download

    • memory/1464-58-0x0000000002B10000-0x0000000002BF9000-memory.dmp

      Filesize

      932KB

      Download

    • memory/1464-59-0x0000000000400000-0x0000000000B3D000-memory.dmp

      Filesize

      7.2MB

      Download

    • memory/1464-60-0x0000000010000000-0x0000000010011000-memory.dmp

      Filesize

      68KB

      Download

    • memory/1464-64-0x0000000000400000-0x0000000000B3D000-memory.dmp

      Filesize

      7.2MB

      Download