Overview

overview

10

Static

static

3

4d5ad17afb...0e.exe

windows7-x64

5

4d5ad17afb...0e.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    122s
  • max time network
    126s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • resource tags

    arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
  • submitted
    13-10-2023 23:14

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    4d5ad17afba094be5ae7ab14a5bd7c816ed861ad2fb2d6ba711dddf0f40bec0e.exe

  • Size

    2.5MB

  • MD5

    3d91b4b4877130321fe2dff023f31b4b

  • SHA1

    e857122f0f46d22036c64f58d52dd3387ea2c582

  • SHA256

    4d5ad17afba094be5ae7ab14a5bd7c816ed861ad2fb2d6ba711dddf0f40bec0e

  • SHA512

    ca6df76d3ca8d64adbbfbd6466b30ab0d715134b7a637087827bf3dfeb5210ab49e1f7f2852d27a30b341bafca3b8cd5ff0511c2967ddc44bf852daf104988f6

  • SSDEEP

    24576:tMwN6yuB40zA0pHxV+L3DkU6KJi6a9Dhvh5wFbykjTJijcwEkeOR4/4z71+jsJR/:N6tzA0pHxVmkv6a3vgm+TEQ6ngd03z

Score
5/10

Malware Config

Signatures

  • Suspicious use of SetThreadContext 1 IoCs
  • Program crash 1 IoCs
  • Suspicious use of WriteProcessMemory 21 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\4d5ad17afba094be5ae7ab14a5bd7c816ed861ad2fb2d6ba711dddf0f40bec0e.exe
    "C:\Users\Admin\AppData\Local\Temp\4d5ad17afba094be5ae7ab14a5bd7c816ed861ad2fb2d6ba711dddf0f40bec0e.exe"
    1⤵
    • Suspicious use of SetThreadContext
    • Suspicious use of WriteProcessMemory
    PID:2408
    • C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe
      "C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe"
      2⤵
      • Suspicious use of WriteProcessMemory
      PID:3044
      • C:\Windows\SysWOW64\WerFault.exe
        C:\Windows\SysWOW64\WerFault.exe -u -p 3044 -s 200
        3⤵
        • Program crash
        PID:2720

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/3044-2-0x0000000000400000-0x00000000004CC000-memory.dmp

    Filesize

    816KB

    Download

  • memory/3044-3-0x0000000000400000-0x00000000004CC000-memory.dmp

    Filesize

    816KB

    Download

  • memory/3044-6-0x0000000000400000-0x00000000004CC000-memory.dmp

    Filesize

    816KB

    Download

  • memory/3044-5-0x0000000000400000-0x00000000004CC000-memory.dmp

    Filesize

    816KB

    Download

  • memory/3044-7-0x00000000FFFDE000-0x00000000FFFDF000-memory.dmp

    Filesize

    4KB

    Download

  • memory/3044-8-0x0000000000400000-0x00000000004CC000-memory.dmp

    Filesize

    816KB

    Download

  • memory/3044-4-0x0000000000400000-0x00000000004CC000-memory.dmp

    Filesize

    816KB

    Download

  • memory/3044-0-0x0000000000400000-0x00000000004CC000-memory.dmp

    Filesize

    816KB

    Download

  • memory/3044-10-0x0000000000400000-0x00000000004CC000-memory.dmp

    Filesize

    816KB

    Download

  • memory/3044-12-0x0000000000400000-0x00000000004CC000-memory.dmp

    Filesize

    816KB

    Download