Overview

overview

1

Static

static

98407b2ba3...fc.exe

windows7-x64

1

98407b2ba3...fc.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    40s
  • max time network
    47s
  • platform
    windows7_x64
  • resource
    win7-20220812-en
  • resource tags

    arch:x64arch:x86image:win7-20220812-enlocale:en-usos:windows7-x64system
  • submitted
    06/12/2022, 13:08

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    98407b2ba346b7f1fe439dae2f1dbccaab9b75b90b8f39560cd7427f3398ecfc.exe

  • Size

    325KB

  • MD5

    52582502d631e3dcce115c0ff0a9c0e5

  • SHA1

    4db6700d50a352bc9347bdce84f84ad131763b10

  • SHA256

    98407b2ba346b7f1fe439dae2f1dbccaab9b75b90b8f39560cd7427f3398ecfc

  • SHA512

    f9c948fe13cc86653b36541cd9bc7427759fe9ec9ff708946bfa70bf82e039a0db835a96d70ae94f8f9e08f69c14004b0e675fed54f543de1695c4fca00ab67f

  • SSDEEP

    6144:lnpAOgw8HYWO9Ket53wzrM3sYpc/uvxmxMW7jySMe3xNzIly22:lnpH4HYWO9KG9wZ0c/upmxZ7mUhKlz2

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: EnumeratesProcesses 2 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\98407b2ba346b7f1fe439dae2f1dbccaab9b75b90b8f39560cd7427f3398ecfc.exe
    "C:\Users\Admin\AppData\Local\Temp\98407b2ba346b7f1fe439dae2f1dbccaab9b75b90b8f39560cd7427f3398ecfc.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of WriteProcessMemory
    PID:1920
  • C:\Windows\Explorer.EXE
    C:\Windows\Explorer.EXE
    1⤵
      PID:1256

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/1256-61-0x000000007FFF0000-0x000000007FFF7000-memory.dmp

      Filesize

      28KB

      Download

    • memory/1920-54-0x0000000000400000-0x000000000044F000-memory.dmp

      Filesize

      316KB

      Download

    • memory/1920-55-0x0000000000290000-0x00000000002CD000-memory.dmp

      Filesize

      244KB

      Download

    • memory/1920-56-0x0000000001ED1000-0x0000000001ED5000-memory.dmp

      Filesize

      16KB

      Download

    • memory/1920-57-0x0000000000561000-0x0000000000565000-memory.dmp

      Filesize

      16KB

      Download

    • memory/1920-58-0x0000000000400000-0x000000000044F000-memory.dmp

      Filesize

      316KB

      Download

    • memory/1920-59-0x0000000001FB0000-0x00000000020B0000-memory.dmp

      Filesize

      1024KB

      Download

    • memory/1920-60-0x00000000763F1000-0x00000000763F3000-memory.dmp

      Filesize

      8KB

      Download

    • memory/1920-64-0x0000000010000000-0x0000000010013000-memory.dmp

      Filesize

      76KB

      Download

    • memory/1920-65-0x0000000001EB1000-0x0000000001EB5000-memory.dmp

      Filesize

      16KB

      Download

    • memory/1920-66-0x0000000000290000-0x00000000002CD000-memory.dmp

      Filesize

      244KB

      Download