Overview

overview

4

Static

static

3

65192db9b6...68.exe

windows7-x64

1

65192db9b6...68.exe

windows10-2004-x64

4

Analysis

  • max time kernel
    121s
  • max time network
    123s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags

    arch:x64arch:x86image:win7-20231129-enlocale:en-usos:windows7-x64system
  • submitted
    26/12/2023, 09:51

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    65192db9b68da571e1098c5bcb46f568.exe

  • Size

    150KB

  • MD5

    65192db9b68da571e1098c5bcb46f568

  • SHA1

    34c9ca75120a49fb356485b34911ce420c9cec5f

  • SHA256

    6bfe4fbec99b107945b78ffca56caba0c26178ec157188590c637a2c2e2e85e6

  • SHA512

    2eb8951fbea6e9622e10f1cf69e5f309a2af1f0a74564274102f279d001b7692cdd1f15efd2b49a7bcc44dd883ddd0a79898f6599b53ef5e1b61a3c88b3039b5

  • SSDEEP

    1536:Zgy3qUpjCPMFJsNMlNaOQg/CDHmsOongCWCAx+9Pj6ItnsxMf56sf3ClfBlIEU/e:R6XMyM3xQDDHmsgCWChGAJkCz/BppA

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\65192db9b68da571e1098c5bcb46f568.exe
    "C:\Users\Admin\AppData\Local\Temp\65192db9b68da571e1098c5bcb46f568.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2136
    • C:\Windows\Microsoft.NET\Framework\v2.0.50727\dw20.exe
      dw20.exe -x -s 396
      2⤵
        PID:2928

    Network

          MITRE ATT&CK Matrix

          Replay Monitor

          Loading Replay Monitor...

          Downloads

          • memory/2136-0-0x0000000074F00000-0x00000000754AB000-memory.dmp

            Filesize

            5.7MB

            Download

          • memory/2136-2-0x0000000001FD0000-0x0000000002010000-memory.dmp

            Filesize

            256KB

            Download

          • memory/2136-1-0x0000000074F00000-0x00000000754AB000-memory.dmp

            Filesize

            5.7MB

            Download

          • memory/2136-4-0x0000000074F00000-0x00000000754AB000-memory.dmp

            Filesize

            5.7MB

            Download

          • memory/2136-5-0x0000000001FD0000-0x0000000002010000-memory.dmp

            Filesize

            256KB

            Download

          • memory/2928-3-0x00000000004F0000-0x00000000004F1000-memory.dmp

            Filesize

            4KB

            Download

          • memory/2928-6-0x00000000004F0000-0x00000000004F1000-memory.dmp

            Filesize

            4KB

            Download