Overview

overview

3

Static

static

3

1268bd9303...46.exe

windows7-x64

3

1268bd9303...46.exe

windows10-2004-x64

3

Analysis

  • max time kernel
    141s
  • max time network
    125s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • resource tags

    arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
  • submitted
    18/09/2023, 19:30

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    1268bd93035bef4668cb7eff0f83221e603199d0d7d17ee3885823d2303c9c46.exe

  • Size

    9.8MB

  • MD5

    a3d2fdbefb75579475c3224ee417d544

  • SHA1

    8148ed3981941aaae1c9db44cd037dd0a3b18613

  • SHA256

    1268bd93035bef4668cb7eff0f83221e603199d0d7d17ee3885823d2303c9c46

  • SHA512

    47fa8e8b3580a0a8f8357c7a7405ee8a204713513c590c19c855c49dfa4b7b12002d1b3773fd6b5b5ac60360f55f8a3c902b7fe11f714ada0bd648d2d226dce4

  • SSDEEP

    196608:1Fu5ftzgOqBrZi6AIvTIotBTVBSdc/9pSex//+nI0qBqD1tOz6BE:ru5fFIFc6BT7Sa/9AqmnLGqDHOGC

Score
3/10

Malware Config

Signatures

  • Program crash 1 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\1268bd93035bef4668cb7eff0f83221e603199d0d7d17ee3885823d2303c9c46.exe
    "C:\Users\Admin\AppData\Local\Temp\1268bd93035bef4668cb7eff0f83221e603199d0d7d17ee3885823d2303c9c46.exe"
    1⤵
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1900
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -u -p 1900 -s 404
      2⤵
      • Program crash
      PID:1532

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • memory/1900-0-0x0000000000400000-0x0000000001E9C000-memory.dmp

          Filesize

          26.6MB

          Download

        • memory/1900-1-0x0000000000250000-0x0000000000253000-memory.dmp

          Filesize

          12KB

          Download

        • memory/1900-2-0x0000000000400000-0x0000000001E9C000-memory.dmp

          Filesize

          26.6MB

          Download

        • memory/1900-5-0x0000000050000000-0x0000000050109000-memory.dmp

          Filesize

          1.0MB

          Download

        • memory/1900-6-0x0000000000400000-0x0000000001E9C000-memory.dmp

          Filesize

          26.6MB

          Download

        • memory/1900-7-0x0000000000250000-0x0000000000253000-memory.dmp

          Filesize

          12KB

          Download