Overview

overview

10

Static

static

3

sailing or...ls.exe

windows7-x64

1

sailing or...ls.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    118s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20231020-en
  • resource tags

    arch:x64arch:x86image:win7-20231020-enlocale:en-usos:windows7-x64system
  • submitted
    23-10-2023 03:32

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    sailing ordersvessels details.exe

  • Size

    432KB

  • MD5

    38c7d78e5d7cfad455053448c7861505

  • SHA1

    f354edfb44d8c47bbdd20ec8b73da46175b4989b

  • SHA256

    8f37fbe5ad7ab657d74837c722b3719561a8f6ad9153ac3e803a654d06041299

  • SHA512

    29ec81a7086d6c4a0f86985a91337055126d1bac29a9f8acc800499742dbd1b1ff5a5e0bbc2e8768546f2a14e5a75faed378499b3e7e05cb5b6f05f10528bf7a

  • SSDEEP

    12288:zD7gUinfOOazylCH8hTk5WukXBfYrOiqoe5:cfOOazy5CWukXBO

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\sailing ordersvessels details.exe
    "C:\Users\Admin\AppData\Local\Temp\sailing ordersvessels details.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2076
    • C:\Users\Admin\AppData\Local\Temp\sailing ordersvessels details.exe
      "C:\Users\Admin\AppData\Local\Temp\sailing ordersvessels details.exe"
      2⤵
        PID:2460

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/2076-1-0x0000000074CF0000-0x00000000753DE000-memory.dmp

      Filesize

      6.9MB

      Download

    • memory/2076-0-0x0000000000130000-0x00000000001A2000-memory.dmp

      Filesize

      456KB

      Download

    • memory/2076-2-0x00000000053A0000-0x00000000053F4000-memory.dmp

      Filesize

      336KB

      Download

    • memory/2076-3-0x0000000004890000-0x00000000048D0000-memory.dmp

      Filesize

      256KB

      Download

    • memory/2076-4-0x0000000001DA0000-0x0000000001DAA000-memory.dmp

      Filesize

      40KB

      Download

    • memory/2076-5-0x0000000074CF0000-0x00000000753DE000-memory.dmp

      Filesize

      6.9MB

      Download