0bbc1cc90cb8cec96e570211c93c07e2aaf9806390facaad3e3d66c25b32a898

Resubmissions

07-12-2022 03:10

221207-dpb9zada5t 1

07-12-2022 02:59

221207-dg573scd9s 1

Analysis

max time kernel
309s
max time network
313s
platform
windows10-1703_x64
resource
win10-20220901-en
resource tags

arch:x64arch:x86image:win10-20220901-enlocale:en-usos:windows10-1703-x64system
submitted
07-12-2022 03:10

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

承诺书.exe
Size

2.7MB
MD5

5a9d640832fe8c53263fc4c0fb509f7f
SHA1

776f8656398ce0885051ecde9bd4c836cdfcb0da
SHA256

0bbc1cc90cb8cec96e570211c93c07e2aaf9806390facaad3e3d66c25b32a898
SHA512

dfd4f602981cefe409e4c17f78cb1be60f57a5edf1d4c00b6976b76bb66cfdafab681466cc0593002bd6b9bb5d82d4ced41b11992909820dd769f07225d996e0
SSDEEP

49152:YwOC27/sEfuc4uKtzcBcwsuQHfmKln9/C0rISSSeHHJ9qYsvXJuGLE9G:YwOC27FruzcImKlndC0cSSSeHHJ9yBuv

Score

1^/10

Malware Config

Signatures

Suspicious behavior: EnumeratesProcesses 64 IoCs

pid	Process
1540	承诺书.exe
1540	承诺书.exe
1540	承诺书.exe
1540	承诺书.exe
1540	承诺书.exe
1540	承诺书.exe
1540	承诺书.exe
1540	承诺书.exe
1540	承诺书.exe
1540	承诺书.exe
1540	承诺书.exe
1540	承诺书.exe
1540	承诺书.exe
1540	承诺书.exe
1540	承诺书.exe
1540	承诺书.exe
1540	承诺书.exe
1540	承诺书.exe
1540	承诺书.exe
1540	承诺书.exe
1540	承诺书.exe
1540	承诺书.exe
1540	承诺书.exe
1540	承诺书.exe
1540	承诺书.exe
1540	承诺书.exe
1540	承诺书.exe
1540	承诺书.exe
1540	承诺书.exe
1540	承诺书.exe
1540	承诺书.exe
1540	承诺书.exe
1540	承诺书.exe
1540	承诺书.exe
1540	承诺书.exe
1540	承诺书.exe
1540	承诺书.exe
1540	承诺书.exe
1540	承诺书.exe
1540	承诺书.exe
1540	承诺书.exe
1540	承诺书.exe
1540	承诺书.exe
1540	承诺书.exe
1540	承诺书.exe
1540	承诺书.exe
1540	承诺书.exe
1540	承诺书.exe
1540	承诺书.exe
1540	承诺书.exe
1540	承诺书.exe
1540	承诺书.exe
1540	承诺书.exe
1540	承诺书.exe
1540	承诺书.exe
1540	承诺书.exe
1540	承诺书.exe
1540	承诺书.exe
1540	承诺书.exe
1540	承诺书.exe
1540	承诺书.exe
1540	承诺书.exe
1540	承诺书.exe
1540	承诺书.exe

C:\Users\Admin\AppData\Local\Temp\承诺书.exe
"C:\Users\Admin\AppData\Local\Temp\承诺书.exe"
1⤵
- Suspicious behavior: EnumeratesProcesses
PID:1540

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1540-122-0x0000000077D70000-0x0000000077EFE000-memory.dmp

Filesize
1.6MB

Download
memory/1540-121-0x0000000077D70000-0x0000000077EFE000-memory.dmp

Filesize
1.6MB

Download
memory/1540-120-0x0000000077D70000-0x0000000077EFE000-memory.dmp

Filesize
1.6MB

Download
memory/1540-125-0x0000000077D70000-0x0000000077EFE000-memory.dmp

Filesize
1.6MB

Download
memory/1540-126-0x0000000077D70000-0x0000000077EFE000-memory.dmp

Filesize
1.6MB

Download
memory/1540-129-0x0000000077D70000-0x0000000077EFE000-memory.dmp

Filesize
1.6MB

Download
memory/1540-131-0x0000000077D70000-0x0000000077EFE000-memory.dmp

Filesize
1.6MB

Download
memory/1540-133-0x0000000077D70000-0x0000000077EFE000-memory.dmp

Filesize
1.6MB

Download
memory/1540-136-0x0000000077D70000-0x0000000077EFE000-memory.dmp

Filesize
1.6MB

Download
memory/1540-138-0x0000000077D70000-0x0000000077EFE000-memory.dmp

Filesize
1.6MB

Download
memory/1540-142-0x0000000077D70000-0x0000000077EFE000-memory.dmp

Filesize
1.6MB

Download
memory/1540-145-0x0000000077D70000-0x0000000077EFE000-memory.dmp

Filesize
1.6MB

Download
memory/1540-147-0x0000000077D70000-0x0000000077EFE000-memory.dmp

Filesize
1.6MB

Download
memory/1540-148-0x0000000077D70000-0x0000000077EFE000-memory.dmp

Filesize
1.6MB

Download
memory/1540-149-0x0000000077D70000-0x0000000077EFE000-memory.dmp

Filesize
1.6MB

Download
memory/1540-146-0x0000000077D70000-0x0000000077EFE000-memory.dmp

Filesize
1.6MB

Download
memory/1540-144-0x0000000077D70000-0x0000000077EFE000-memory.dmp

Filesize
1.6MB

Download
memory/1540-143-0x0000000077D70000-0x0000000077EFE000-memory.dmp

Filesize
1.6MB

Download
memory/1540-140-0x0000000077D70000-0x0000000077EFE000-memory.dmp

Filesize
1.6MB

Download
memory/1540-141-0x0000000077D70000-0x0000000077EFE000-memory.dmp

Filesize
1.6MB

Download
memory/1540-139-0x0000000077D70000-0x0000000077EFE000-memory.dmp

Filesize
1.6MB

Download
memory/1540-137-0x0000000077D70000-0x0000000077EFE000-memory.dmp

Filesize
1.6MB

Download
memory/1540-150-0x0000000000400000-0x0000000000BFC000-memory.dmp

Filesize
8.0MB

Download
memory/1540-134-0x0000000077D70000-0x0000000077EFE000-memory.dmp

Filesize
1.6MB

Download
memory/1540-135-0x0000000077D70000-0x0000000077EFE000-memory.dmp

Filesize
1.6MB

Download
memory/1540-132-0x0000000077D70000-0x0000000077EFE000-memory.dmp

Filesize
1.6MB

Download
memory/1540-130-0x0000000077D70000-0x0000000077EFE000-memory.dmp

Filesize
1.6MB

Download
memory/1540-128-0x0000000077D70000-0x0000000077EFE000-memory.dmp

Filesize
1.6MB

Download
memory/1540-127-0x0000000077D70000-0x0000000077EFE000-memory.dmp

Filesize
1.6MB

Download
memory/1540-124-0x0000000077D70000-0x0000000077EFE000-memory.dmp

Filesize
1.6MB

Download
memory/1540-123-0x0000000077D70000-0x0000000077EFE000-memory.dmp

Filesize
1.6MB

Download
memory/1540-152-0x0000000077D70000-0x0000000077EFE000-memory.dmp

Filesize
1.6MB

Download
memory/1540-153-0x0000000077D70000-0x0000000077EFE000-memory.dmp

Filesize
1.6MB

Download
memory/1540-155-0x0000000077D70000-0x0000000077EFE000-memory.dmp

Filesize
1.6MB

Download
memory/1540-154-0x0000000077D70000-0x0000000077EFE000-memory.dmp

Filesize
1.6MB

Download
memory/1540-156-0x0000000077D70000-0x0000000077EFE000-memory.dmp

Filesize
1.6MB

Download
memory/1540-157-0x0000000077D70000-0x0000000077EFE000-memory.dmp

Filesize
1.6MB

Download
memory/1540-158-0x0000000077D70000-0x0000000077EFE000-memory.dmp

Filesize
1.6MB

Download
memory/1540-159-0x0000000077D70000-0x0000000077EFE000-memory.dmp

Filesize
1.6MB

Download
memory/1540-161-0x0000000077D70000-0x0000000077EFE000-memory.dmp

Filesize
1.6MB

Download
memory/1540-162-0x0000000077D70000-0x0000000077EFE000-memory.dmp

Filesize
1.6MB

Download
memory/1540-164-0x0000000077D70000-0x0000000077EFE000-memory.dmp

Filesize
1.6MB

Download
memory/1540-163-0x0000000077D70000-0x0000000077EFE000-memory.dmp

Filesize
1.6MB

Download
memory/1540-160-0x0000000077D70000-0x0000000077EFE000-memory.dmp

Filesize
1.6MB

Download