Overview

overview

3

Static

static

3

796bb92c14...f3.exe

windows7-x64

1

796bb92c14...f3.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    150s
  • max time network
    157s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
  • submitted
    26-12-2023 15:36

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    796bb92c142601cbf48ee21691335bf3.exe

  • Size

    122KB

  • MD5

    796bb92c142601cbf48ee21691335bf3

  • SHA1

    67f72c01f15f346b49c6e46ec7b57c079508451f

  • SHA256

    05e7c8e9ae4280c9704483d8c6db92258fe3d93d0d2061fbbbf28c2121d96f1e

  • SHA512

    3c4efafff54479fff9b18d8dc4477c2415620d578f276c4860462838416ed03313989abf843a83b9a05a319e64a9b47d7d66d286b1a4d2ad2341035bceb6cbb8

  • SSDEEP

    3072:28B8sV616kQ3uB5LJQ2U7EnO+FL5iuea/2xh0+/l8E3:28CsVrkn5LJhU7EnOe3eFxhN8Y

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: EnumeratesProcesses 2 IoCs
  • Suspicious use of UnmapMainImage 1 IoCs
  • Suspicious use of WriteProcessMemory 5 IoCs

Processes

  • C:\Windows\Explorer.EXE
    C:\Windows\Explorer.EXE
    1⤵
      PID:3440
      • C:\Users\Admin\AppData\Local\Temp\796bb92c142601cbf48ee21691335bf3.exe
        "C:\Users\Admin\AppData\Local\Temp\796bb92c142601cbf48ee21691335bf3.exe"
        2⤵
        • Suspicious behavior: EnumeratesProcesses
        • Suspicious use of UnmapMainImage
        • Suspicious use of WriteProcessMemory
        PID:536

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/536-0-0x0000000017180000-0x000000001719F000-memory.dmp

      Filesize

      124KB

      Download

    • memory/536-1-0x0000000000400000-0x000000000041F000-memory.dmp

      Filesize

      124KB

      Download

    • memory/536-2-0x0000000000400000-0x000000000041F000-memory.dmp

      Filesize

      124KB

      Download