Overview

overview

7

Static

static

1

Mods de op...�n.exe

windows7-x64

7

Mods de op...�n.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    152s
  • max time network
    154s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230220-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230220-enlocale:en-usos:windows10-2004-x64system
  • submitted
    27/03/2023, 14:23

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Mods de optimización.exe

  • Size

    141.9MB

  • MD5

    dc23c82077d95162b8208d1bcbd2fe52

  • SHA1

    6776881ebd80f3076b38dca7d7a38712214484e5

  • SHA256

    fd12fd330b1a031ebb33d117b6b3e2b54a69c32c343bf95aad8b45a8690bdc06

  • SHA512

    4e4f4482535b88c0e3b788cbb4d3ec1bfa710a26c30644fb989c7ed7e9d9a6e3d8a039e8852a015dace1ec10ecfd1ee6e544d9ab5dab8b6a695a036aa28d5450

  • SSDEEP

    3145728:NppfK9hUaahWqXEVIlrokXBVwZ9do8XCzdFFqcC6eEN:NPK7eWqXEVIFXjwZ9do8yDpN

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\Mods de optimización.exe
    "C:\Users\Admin\AppData\Local\Temp\Mods de optimización.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1752
    • C:\Users\Admin\AppData\Local\Temp\is-SVAHG.tmp\Mods de optimización.tmp
      "C:\Users\Admin\AppData\Local\Temp\is-SVAHG.tmp\Mods de optimización.tmp" /SL5="$8002A,147892526,869376,C:\Users\Admin\AppData\Local\Temp\Mods de optimización.exe"
      2⤵
      • Executes dropped EXE
      PID:2488

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\is-SVAHG.tmp\Mods de optimización.tmp
    Filesize

    3.1MB

    MD5

    e96e1e2d55170bd3121b07530b4051a5

    SHA1

    a6949a90f08dfd7932b1fe097c13d7095b3adddc

    SHA256

    4ff1021df7a678cc4d5e753591333c3a0dd59582cc5dcb86d86635bdf191ac73

    SHA512

    50e8de1a6d9b60fa4f434bddef24266b37cec6da3a9f666ba46aeaf9123c92b280fe316a2056713592af68476da529da8c5e08ae43b33b5f452dae2c0e7677ec

    Download Submit

  • memory/1752-133-0x0000000000400000-0x00000000004E1000-memory.dmp

    Filesize

    900KB

    Download

  • memory/1752-139-0x0000000000400000-0x00000000004E1000-memory.dmp

    Filesize

    900KB

    Download

  • memory/2488-138-0x0000000000A20000-0x0000000000A21000-memory.dmp

    Filesize

    4KB

    Download

  • memory/2488-140-0x0000000000400000-0x000000000071D000-memory.dmp

    Filesize

    3.1MB

    Download