Overview

overview

7

Static

static

1

Setup PES ...23.exe

windows7-x64

7

Setup PES ...23.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    127s
  • max time network
    155s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20221111-es
  • resource tags

    arch:x64arch:x86image:win10v2004-20221111-eslocale:es-esos:windows10-2004-x64systemwindows
  • submitted
    15/02/2023, 18:39

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    Setup PES 6 The Den Patch 2022-23.exe

  • Size

    3.7MB

  • MD5

    0f9971ea09e92bde8eac0254da54fb4e

  • SHA1

    6fc02e13be81553615943a6ec295e01794defe57

  • SHA256

    2bdc80d02f1d8e926c5b6c303fca85f17cc9050c2fbeabd4fdc65330606f6501

  • SHA512

    2d95a34fc7612cb29e9fcc89c8c04de3ac621f38e4b6d8c8f636cfd92e1ceac3104ebc754b4acc55440d724713c99a98d3e187a1d25d720e5e051be264bae0b6

  • SSDEEP

    49152:aBuZrEUBWKR4D5yj3Nex+VwT+V4zxnCa7+FGYqqeTI8pbBCZcC0sT5zv:8kLB3RgWaEwT+V4ka7iqEZcnslzv

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\Setup PES 6 The Den Patch 2022-23.exe
    "C:\Users\Admin\AppData\Local\Temp\Setup PES 6 The Den Patch 2022-23.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:648
    • C:\Users\Admin\AppData\Local\Temp\is-L58QJ.tmp\Setup PES 6 The Den Patch 2022-23.tmp
      "C:\Users\Admin\AppData\Local\Temp\is-L58QJ.tmp\Setup PES 6 The Den Patch 2022-23.tmp" /SL5="$E006A,784896,0,C:\Users\Admin\AppData\Local\Temp\Setup PES 6 The Den Patch 2022-23.exe"
      2⤵
      • Executes dropped EXE
      PID:4884

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\Local\Temp\is-L58QJ.tmp\Setup PES 6 The Den Patch 2022-23.tmp
          Filesize

          3.0MB

          MD5

          4383e117deba5340eaca570fc9ffb49c

          SHA1

          540f0fb2a2f75146b855a0510513e661fdb2d6e2

          SHA256

          179bdb3a0cc6d4f6cc0fe0338d735c421e7de819edf4b3e480a23850d66e6665

          SHA512

          f16c90eaa61dbea7d19c33520448fdab6b225da4649037a99a2ccc57308f4c43aef4c0331d7ec3ecedf30fda939d812790fba33251e8647f0f2927b123591bcf

          Download Submit

        • memory/648-132-0x0000000000400000-0x00000000004CD000-memory.dmp

          Filesize

          820KB

          Download

        • memory/648-136-0x0000000000400000-0x00000000004CD000-memory.dmp

          Filesize

          820KB

          Download

        • memory/648-137-0x0000000000400000-0x00000000004CD000-memory.dmp

          Filesize

          820KB

          Download