Overview

overview

10

Static

static

file.exe

windows7-x64

1

file.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    41s
  • max time network
    44s
  • platform
    windows7_x64
  • resource
    win7-20220812-en
  • resource tags

    arch:x64arch:x86image:win7-20220812-enlocale:en-usos:windows7-x64system
  • submitted
    04-01-2023 01:47

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    file.exe

  • Size

    1.8MB

  • MD5

    069f7d78fead905eba9ad321096a7f55

  • SHA1

    0e6decf0a70b85825c699020b8a139e05692827e

  • SHA256

    5b0fca6f18ae8fde80d95ae6578dd824271372ca5448ddcb4ffb7f81c8d5607e

  • SHA512

    2bfba49cc003b1e38425d9a57b28c6c141005c721317f86a402846cf362ec9884a717e455826b1aff2574febc6c005067f69efccf4b2125d6205da870e46629d

  • SSDEEP

    24576:ks5lGPjnl4wCuHb807NoAJfwgDwfpAkXWt8533g8wJoVnbUEDZcLAlG0S6vSe:ks5lam4b807J5QSxt8533qJSbUM3zKe

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: EnumeratesProcesses 5 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\file.exe
    "C:\Users\Admin\AppData\Local\Temp\file.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    PID:1120

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/1120-54-0x0000000002000000-0x0000000002193000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/1120-55-0x0000000075351000-0x0000000075353000-memory.dmp

    Filesize

    8KB

    Download

  • memory/1120-56-0x000000000B110000-0x000000000B3A1000-memory.dmp

    Filesize

    2.6MB

    Download

  • memory/1120-57-0x0000000002000000-0x0000000002193000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/1120-58-0x000000000AF60000-0x000000000B124000-memory.dmp

    Filesize

    1.8MB

    Download

  • memory/1120-59-0x0000000002000000-0x0000000002193000-memory.dmp

    Filesize

    1.6MB

    Download