6650d4c7c631f101c2fce040f2aaffbc3eb3c10dd04d254c357f6946968e9528

Analysis

max time kernel
119s
max time network
121s
platform
windows7_x64
resource
win7-20230831-en
resource tags

arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
submitted
08/10/2023, 09:57

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

ZeroPoint Injector_[unknowncheats.me]_.exe
Size

48KB
MD5

57a764cfd6c71a1caf30c8dc71b89b75
SHA1

cec2bff7fb0e755f0c8b5523e5c1c21b5665b67f
SHA256

6650d4c7c631f101c2fce040f2aaffbc3eb3c10dd04d254c357f6946968e9528
SHA512

e426326bfb66cc4b832285ca73013d433b9ad083b50c444d17180c2eb85704623112910f1e95f53bc978abe6aded86350f729e132f40a9c1f7d9aca8faf70523
SSDEEP

768:HKOabAktHePvqQNOb3x10tpbyAzc9LRzBNxhioJSrUwm85GwZOB3rI7my:q1bAk+qQNOTGpWlzJD9+5GYaI7

Score

1^/10

Malware Config

Signatures

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2444 wrote to memory of 1964	2444	ZeroPoint Injector_[unknowncheats.me]_.exe	29
PID 2444 wrote to memory of 1964	2444	ZeroPoint Injector_[unknowncheats.me]_.exe	29
PID 2444 wrote to memory of 1964	2444	ZeroPoint Injector_[unknowncheats.me]_.exe	29
PID 2444 wrote to memory of 2592	2444	ZeroPoint Injector_[unknowncheats.me]_.exe	30
PID 2444 wrote to memory of 2592	2444	ZeroPoint Injector_[unknowncheats.me]_.exe	30
PID 2444 wrote to memory of 2592	2444	ZeroPoint Injector_[unknowncheats.me]_.exe	30
PID 2444 wrote to memory of 2808	2444	ZeroPoint Injector_[unknowncheats.me]_.exe	31
PID 2444 wrote to memory of 2808	2444	ZeroPoint Injector_[unknowncheats.me]_.exe	31
PID 2444 wrote to memory of 2808	2444	ZeroPoint Injector_[unknowncheats.me]_.exe	31
PID 2444 wrote to memory of 1684	2444	ZeroPoint Injector_[unknowncheats.me]_.exe	32
PID 2444 wrote to memory of 1684	2444	ZeroPoint Injector_[unknowncheats.me]_.exe	32
PID 2444 wrote to memory of 1684	2444	ZeroPoint Injector_[unknowncheats.me]_.exe	32
PID 2444 wrote to memory of 2816	2444	ZeroPoint Injector_[unknowncheats.me]_.exe	33
PID 2444 wrote to memory of 2816	2444	ZeroPoint Injector_[unknowncheats.me]_.exe	33
PID 2444 wrote to memory of 2816	2444	ZeroPoint Injector_[unknowncheats.me]_.exe	33
PID 2444 wrote to memory of 2084	2444	ZeroPoint Injector_[unknowncheats.me]_.exe	34
PID 2444 wrote to memory of 2084	2444	ZeroPoint Injector_[unknowncheats.me]_.exe	34
PID 2444 wrote to memory of 2084	2444	ZeroPoint Injector_[unknowncheats.me]_.exe	34
PID 2444 wrote to memory of 2604	2444	ZeroPoint Injector_[unknowncheats.me]_.exe	35
PID 2444 wrote to memory of 2604	2444	ZeroPoint Injector_[unknowncheats.me]_.exe	35
PID 2444 wrote to memory of 2604	2444	ZeroPoint Injector_[unknowncheats.me]_.exe	35
PID 2444 wrote to memory of 1868	2444	ZeroPoint Injector_[unknowncheats.me]_.exe	36
PID 2444 wrote to memory of 1868	2444	ZeroPoint Injector_[unknowncheats.me]_.exe	36
PID 2444 wrote to memory of 1868	2444	ZeroPoint Injector_[unknowncheats.me]_.exe	36
PID 2444 wrote to memory of 2124	2444	ZeroPoint Injector_[unknowncheats.me]_.exe	37
PID 2444 wrote to memory of 2124	2444	ZeroPoint Injector_[unknowncheats.me]_.exe	37
PID 2444 wrote to memory of 2124	2444	ZeroPoint Injector_[unknowncheats.me]_.exe	37
PID 2444 wrote to memory of 2620	2444	ZeroPoint Injector_[unknowncheats.me]_.exe	38
PID 2444 wrote to memory of 2620	2444	ZeroPoint Injector_[unknowncheats.me]_.exe	38
PID 2444 wrote to memory of 2620	2444	ZeroPoint Injector_[unknowncheats.me]_.exe	38
PID 2444 wrote to memory of 2652	2444	ZeroPoint Injector_[unknowncheats.me]_.exe	39
PID 2444 wrote to memory of 2652	2444	ZeroPoint Injector_[unknowncheats.me]_.exe	39
PID 2444 wrote to memory of 2652	2444	ZeroPoint Injector_[unknowncheats.me]_.exe	39
PID 2444 wrote to memory of 2660	2444	ZeroPoint Injector_[unknowncheats.me]_.exe	40
PID 2444 wrote to memory of 2660	2444	ZeroPoint Injector_[unknowncheats.me]_.exe	40
PID 2444 wrote to memory of 2660	2444	ZeroPoint Injector_[unknowncheats.me]_.exe	40
PID 2444 wrote to memory of 2756	2444	ZeroPoint Injector_[unknowncheats.me]_.exe	41
PID 2444 wrote to memory of 2756	2444	ZeroPoint Injector_[unknowncheats.me]_.exe	41
PID 2444 wrote to memory of 2756	2444	ZeroPoint Injector_[unknowncheats.me]_.exe	41
PID 2444 wrote to memory of 2744	2444	ZeroPoint Injector_[unknowncheats.me]_.exe	42
PID 2444 wrote to memory of 2744	2444	ZeroPoint Injector_[unknowncheats.me]_.exe	42
PID 2444 wrote to memory of 2744	2444	ZeroPoint Injector_[unknowncheats.me]_.exe	42
PID 2444 wrote to memory of 2780	2444	ZeroPoint Injector_[unknowncheats.me]_.exe	43
PID 2444 wrote to memory of 2780	2444	ZeroPoint Injector_[unknowncheats.me]_.exe	43
PID 2444 wrote to memory of 2780	2444	ZeroPoint Injector_[unknowncheats.me]_.exe	43
PID 2444 wrote to memory of 2800	2444	ZeroPoint Injector_[unknowncheats.me]_.exe	44
PID 2444 wrote to memory of 2800	2444	ZeroPoint Injector_[unknowncheats.me]_.exe	44
PID 2444 wrote to memory of 2800	2444	ZeroPoint Injector_[unknowncheats.me]_.exe	44
PID 2444 wrote to memory of 2664	2444	ZeroPoint Injector_[unknowncheats.me]_.exe	45
PID 2444 wrote to memory of 2664	2444	ZeroPoint Injector_[unknowncheats.me]_.exe	45
PID 2444 wrote to memory of 2664	2444	ZeroPoint Injector_[unknowncheats.me]_.exe	45
PID 2444 wrote to memory of 2636	2444	ZeroPoint Injector_[unknowncheats.me]_.exe	46
PID 2444 wrote to memory of 2636	2444	ZeroPoint Injector_[unknowncheats.me]_.exe	46
PID 2444 wrote to memory of 2636	2444	ZeroPoint Injector_[unknowncheats.me]_.exe	46
PID 2444 wrote to memory of 2920	2444	ZeroPoint Injector_[unknowncheats.me]_.exe	47
PID 2444 wrote to memory of 2920	2444	ZeroPoint Injector_[unknowncheats.me]_.exe	47
PID 2444 wrote to memory of 2920	2444	ZeroPoint Injector_[unknowncheats.me]_.exe	47
PID 2444 wrote to memory of 2772	2444	ZeroPoint Injector_[unknowncheats.me]_.exe	48
PID 2444 wrote to memory of 2772	2444	ZeroPoint Injector_[unknowncheats.me]_.exe	48
PID 2444 wrote to memory of 2772	2444	ZeroPoint Injector_[unknowncheats.me]_.exe	48
PID 2444 wrote to memory of 2824	2444	ZeroPoint Injector_[unknowncheats.me]_.exe	49
PID 2444 wrote to memory of 2824	2444	ZeroPoint Injector_[unknowncheats.me]_.exe	49
PID 2444 wrote to memory of 2824	2444	ZeroPoint Injector_[unknowncheats.me]_.exe	49
PID 2444 wrote to memory of 2644	2444	ZeroPoint Injector_[unknowncheats.me]_.exe	50

C:\Users\Admin\AppData\Local\Temp\ZeroPoint Injector_[unknowncheats.me]_.exe
"C:\Users\Admin\AppData\Local\Temp\ZeroPoint Injector_[unknowncheats.me]_.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:2444
- C:\Windows\system32\cmd.exe
  C:\Windows\system32\cmd.exe /c cls
  2⤵
  PID:1964
- C:\Windows\system32\cmd.exe
  C:\Windows\system32\cmd.exe /c cls
  2⤵
  PID:2592
- C:\Windows\system32\cmd.exe
  C:\Windows\system32\cmd.exe /c cls
  2⤵
  PID:2808
- C:\Windows\system32\cmd.exe
  C:\Windows\system32\cmd.exe /c cls
  2⤵
  PID:1684
- C:\Windows\system32\cmd.exe
  C:\Windows\system32\cmd.exe /c cls
  2⤵
  PID:2816
- C:\Windows\system32\cmd.exe
  C:\Windows\system32\cmd.exe /c cls
  2⤵
  PID:2084
- C:\Windows\system32\cmd.exe
  C:\Windows\system32\cmd.exe /c cls
  2⤵
  PID:2604
- C:\Windows\system32\cmd.exe
  C:\Windows\system32\cmd.exe /c cls
  2⤵
  PID:1868
- C:\Windows\system32\cmd.exe
  C:\Windows\system32\cmd.exe /c cls
  2⤵
  PID:2124
- C:\Windows\system32\cmd.exe
  C:\Windows\system32\cmd.exe /c cls
  2⤵
  PID:2620
- C:\Windows\system32\cmd.exe
  C:\Windows\system32\cmd.exe /c cls
  2⤵
  PID:2652
- C:\Windows\system32\cmd.exe
  C:\Windows\system32\cmd.exe /c cls
  2⤵
  PID:2660
- C:\Windows\system32\cmd.exe
  C:\Windows\system32\cmd.exe /c cls
  2⤵
  PID:2756
- C:\Windows\system32\cmd.exe
  C:\Windows\system32\cmd.exe /c cls
  2⤵
  PID:2744
- C:\Windows\system32\cmd.exe
  C:\Windows\system32\cmd.exe /c cls
  2⤵
  PID:2780
- C:\Windows\system32\cmd.exe
  C:\Windows\system32\cmd.exe /c cls
  2⤵
  PID:2800
- C:\Windows\system32\cmd.exe
  C:\Windows\system32\cmd.exe /c cls
  2⤵
  PID:2664
- C:\Windows\system32\cmd.exe
  C:\Windows\system32\cmd.exe /c cls
  2⤵
  PID:2636
- C:\Windows\system32\cmd.exe
  C:\Windows\system32\cmd.exe /c cls
  2⤵
  PID:2920
- C:\Windows\system32\cmd.exe
  C:\Windows\system32\cmd.exe /c cls
  2⤵
  PID:2772
- C:\Windows\system32\cmd.exe
  C:\Windows\system32\cmd.exe /c cls
  2⤵
  PID:2824
- C:\Windows\system32\cmd.exe
  C:\Windows\system32\cmd.exe /c cls
  2⤵
  PID:2644
- C:\Windows\system32\cmd.exe
  C:\Windows\system32\cmd.exe /c cls
  2⤵
  PID:2064
- C:\Windows\system32\cmd.exe
  C:\Windows\system32\cmd.exe /c cls
  2⤵
  PID:2916
- C:\Windows\system32\cmd.exe
  C:\Windows\system32\cmd.exe /c cls
  2⤵
  PID:2768
- C:\Windows\system32\cmd.exe
  C:\Windows\system32\cmd.exe /c cls
  2⤵
  PID:2792
- C:\Windows\system32\cmd.exe
  C:\Windows\system32\cmd.exe /c cls
  2⤵
  PID:2672
- C:\Windows\system32\cmd.exe
  C:\Windows\system32\cmd.exe /c cls
  2⤵
  PID:2680
- C:\Windows\system32\cmd.exe
  C:\Windows\system32\cmd.exe /c cls
  2⤵
  PID:2548
- C:\Windows\system32\cmd.exe
  C:\Windows\system32\cmd.exe /c cls
  2⤵
  PID:2876
- C:\Windows\system32\cmd.exe
  C:\Windows\system32\cmd.exe /c cls
  2⤵
  PID:2536
- C:\Windows\system32\cmd.exe
  C:\Windows\system32\cmd.exe /c cls
  2⤵
  PID:2552
- C:\Windows\system32\cmd.exe
  C:\Windows\system32\cmd.exe /c cls
  2⤵
  PID:2676
- C:\Windows\system32\cmd.exe
  C:\Windows\system32\cmd.exe /c cls
  2⤵
  PID:388
- C:\Windows\system32\cmd.exe
  C:\Windows\system32\cmd.exe /c cls
  2⤵
  PID:2568
- C:\Windows\system32\cmd.exe
  C:\Windows\system32\cmd.exe /c cls
  2⤵
  PID:2788
- C:\Windows\system32\cmd.exe
  C:\Windows\system32\cmd.exe /c cls
  2⤵
  PID:2516
- C:\Windows\system32\cmd.exe
  C:\Windows\system32\cmd.exe /c cls
  2⤵
  PID:2524
- C:\Windows\system32\cmd.exe
  C:\Windows\system32\cmd.exe /c cls
  2⤵
  PID:2532
- C:\Windows\system32\cmd.exe
  C:\Windows\system32\cmd.exe /c cls
  2⤵
  PID:2556
- C:\Windows\system32\cmd.exe
  C:\Windows\system32\cmd.exe /c cls
  2⤵
  PID:2584
- C:\Windows\system32\cmd.exe
  C:\Windows\system32\cmd.exe /c cls
  2⤵
  PID:2632
- C:\Windows\system32\cmd.exe
  C:\Windows\system32\cmd.exe /c cls
  2⤵
  PID:3000
- C:\Windows\system32\cmd.exe
  C:\Windows\system32\cmd.exe /c cls
  2⤵
  PID:3004
- C:\Windows\system32\cmd.exe
  C:\Windows\system32\cmd.exe /c cls
  2⤵
  PID:2804
- C:\Windows\system32\cmd.exe
  C:\Windows\system32\cmd.exe /c cls
  2⤵
  PID:2320
- C:\Windows\system32\cmd.exe
  C:\Windows\system32\cmd.exe /c cls
  2⤵
  PID:1376
- C:\Windows\system32\cmd.exe
  C:\Windows\system32\cmd.exe /c cls
  2⤵
  PID:3008
- C:\Windows\system32\cmd.exe
  C:\Windows\system32\cmd.exe /c cls
  2⤵
  PID:2496
- C:\Windows\system32\cmd.exe
  C:\Windows\system32\cmd.exe /c cls
  2⤵
  PID:1852
- C:\Windows\system32\cmd.exe
  C:\Windows\system32\cmd.exe /c cls
  2⤵
  PID:1968
- C:\Windows\system32\cmd.exe
  C:\Windows\system32\cmd.exe /c cls
  2⤵
  PID:2236
- C:\Windows\system32\cmd.exe
  C:\Windows\system32\cmd.exe /c cls
  2⤵
  PID:2820
- C:\Windows\system32\cmd.exe
  C:\Windows\system32\cmd.exe /c cls
  2⤵
  PID:2612
- C:\Windows\system32\cmd.exe
  C:\Windows\system32\cmd.exe /c cls
  2⤵
  PID:2704
- C:\Windows\system32\cmd.exe
  C:\Windows\system32\cmd.exe /c cls
  2⤵
  PID:2840
- C:\Windows\system32\cmd.exe
  C:\Windows\system32\cmd.exe /c cls
  2⤵
  PID:2832
- C:\Windows\system32\cmd.exe
  C:\Windows\system32\cmd.exe /c cls
  2⤵
  PID:2848
- C:\Windows\system32\cmd.exe
  C:\Windows\system32\cmd.exe /c cls
  2⤵
  PID:2852
- C:\Windows\system32\cmd.exe
  C:\Windows\system32\cmd.exe /c cls
  2⤵
  PID:2880
- C:\Windows\system32\cmd.exe
  C:\Windows\system32\cmd.exe /c cls
  2⤵
  PID:1928
- C:\Windows\system32\cmd.exe
  C:\Windows\system32\cmd.exe /c cls
  2⤵
  PID:1956
- C:\Windows\system32\cmd.exe
  C:\Windows\system32\cmd.exe /c cls
  2⤵
  PID:1628
- C:\Windows\system32\cmd.exe
  C:\Windows\system32\cmd.exe /c cls
  2⤵
  PID:2380
- C:\Windows\system32\cmd.exe
  C:\Windows\system32\cmd.exe /c cls
  2⤵
  PID:1204
- C:\Windows\system32\cmd.exe
  C:\Windows\system32\cmd.exe /c cls
  2⤵
  PID:1576
- C:\Windows\system32\cmd.exe
  C:\Windows\system32\cmd.exe /c cls
  2⤵
  PID:1960
- C:\Windows\system32\cmd.exe
  C:\Windows\system32\cmd.exe /c cls
  2⤵
  PID:1952
- C:\Windows\system32\cmd.exe
  C:\Windows\system32\cmd.exe /c cls
  2⤵
  PID:872
- C:\Windows\system32\cmd.exe
  C:\Windows\system32\cmd.exe /c cls
  2⤵
  PID:2240
- C:\Windows\system32\cmd.exe
  C:\Windows\system32\cmd.exe /c cls
  2⤵
  PID:800
- C:\Windows\system32\cmd.exe
  C:\Windows\system32\cmd.exe /c cls
  2⤵
  PID:804
- C:\Windows\system32\cmd.exe
  C:\Windows\system32\cmd.exe /c cls
  2⤵
  PID:2424
- C:\Windows\system32\cmd.exe
  C:\Windows\system32\cmd.exe /c cls
  2⤵
  PID:1572
- C:\Windows\system32\cmd.exe
  C:\Windows\system32\cmd.exe /c cls
  2⤵
  PID:1644
- C:\Windows\system32\cmd.exe
  C:\Windows\system32\cmd.exe /c cls
  2⤵
  PID:2044
- C:\Windows\system32\cmd.exe
  C:\Windows\system32\cmd.exe /c cls
  2⤵
  PID:1616
- C:\Windows\system32\cmd.exe
  C:\Windows\system32\cmd.exe /c cls
  2⤵
  PID:1800
- C:\Windows\system32\cmd.exe
  C:\Windows\system32\cmd.exe /c cls
  2⤵
  PID:1780
- C:\Windows\system32\cmd.exe
  C:\Windows\system32\cmd.exe /c cls
  2⤵
  PID:1756
- C:\Windows\system32\cmd.exe
  C:\Windows\system32\cmd.exe /c cls
  2⤵
  PID:1676
- C:\Windows\system32\cmd.exe
  C:\Windows\system32\cmd.exe /c cls
  2⤵
  PID:756
- C:\Windows\system32\cmd.exe
  C:\Windows\system32\cmd.exe /c cls
  2⤵
  PID:320
- C:\Windows\system32\cmd.exe
  C:\Windows\system32\cmd.exe /c cls
  2⤵
  PID:524
- C:\Windows\system32\cmd.exe
  C:\Windows\system32\cmd.exe /c cls
  2⤵
  PID:584
- C:\Windows\system32\cmd.exe
  C:\Windows\system32\cmd.exe /c cls
  2⤵
  PID:672
- C:\Windows\system32\cmd.exe
  C:\Windows\system32\cmd.exe /c cls
  2⤵
  PID:472
- C:\Windows\system32\cmd.exe
  C:\Windows\system32\cmd.exe /c cls
  2⤵
  PID:696
- C:\Windows\system32\cmd.exe
  C:\Windows\system32\cmd.exe /c cls
  2⤵
  PID:1156
- C:\Windows\system32\cmd.exe
  C:\Windows\system32\cmd.exe /c cls
  2⤵
  PID:912
- C:\Windows\system32\cmd.exe
  C:\Windows\system32\cmd.exe /c cls
  2⤵
  PID:588
- C:\Windows\system32\cmd.exe
  C:\Windows\system32\cmd.exe /c cls
  2⤵
  PID:780
- C:\Windows\system32\cmd.exe
  C:\Windows\system32\cmd.exe /c cls
  2⤵
  PID:1500
- C:\Windows\system32\cmd.exe
  C:\Windows\system32\cmd.exe /c cls
  2⤵
  PID:1104
- C:\Windows\system32\cmd.exe
  C:\Windows\system32\cmd.exe /c cls
  2⤵
  PID:2708
- C:\Windows\system32\cmd.exe
  C:\Windows\system32\cmd.exe /c cls
  2⤵
  PID:2688
- C:\Windows\system32\cmd.exe
  C:\Windows\system32\cmd.exe /c cls
  2⤵
  PID:2580
- C:\Windows\system32\cmd.exe
  C:\Windows\system32\cmd.exe /c cls
  2⤵
  PID:2700
- C:\Windows\system32\cmd.exe
  C:\Windows\system32\cmd.exe /c cls
  2⤵
  PID:2812
- C:\Windows\system32\cmd.exe
  C:\Windows\system32\cmd.exe /c cls
  2⤵
  PID:808
- C:\Windows\system32\cmd.exe
  C:\Windows\system32\cmd.exe /c cls
  2⤵
  PID:1464
- C:\Windows\system32\cmd.exe
  C:\Windows\system32\cmd.exe /c cls
  2⤵
  PID:2488
- C:\Windows\system32\cmd.exe
  C:\Windows\system32\cmd.exe /c cls
  2⤵
  PID:1492
- C:\Windows\system32\cmd.exe
  C:\Windows\system32\cmd.exe /c cls
  2⤵
  PID:1560
- C:\Windows\system32\cmd.exe
  C:\Windows\system32\cmd.exe /c cls
  2⤵
  PID:628
- C:\Windows\system32\cmd.exe
  C:\Windows\system32\cmd.exe /c cls
  2⤵
  PID:1544
- C:\Windows\system32\cmd.exe
  C:\Windows\system32\cmd.exe /c cls
  2⤵
  PID:1480
- C:\Windows\system32\cmd.exe
  C:\Windows\system32\cmd.exe /c cls
  2⤵
  PID:1248
- C:\Windows\system32\cmd.exe
  C:\Windows\system32\cmd.exe /c cls
  2⤵
  PID:1224
- C:\Windows\system32\cmd.exe
  C:\Windows\system32\cmd.exe /c cls
  2⤵
  PID:1824
- C:\Windows\system32\cmd.exe
  C:\Windows\system32\cmd.exe /c cls
  2⤵
  PID:2164
- C:\Windows\system32\cmd.exe
  C:\Windows\system32\cmd.exe /c cls
  2⤵
  PID:1940
- C:\Windows\system32\cmd.exe
  C:\Windows\system32\cmd.exe /c cls
  2⤵
  PID:3020

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads