Overview

overview

10

Static

static

3

7f89e0d7af...5d.exe

windows7-x64

1

7f89e0d7af...5d.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    120s
  • max time network
    121s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    26-12-2023 17:13

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    7f89e0d7af8a5d3aac55f8e431a7155d.exe

  • Size

    561KB

  • MD5

    7f89e0d7af8a5d3aac55f8e431a7155d

  • SHA1

    e29ae62587d7f6bdd6a0c35b644a2ffd9f256275

  • SHA256

    af06048a49faa8cc34dfc217cea2064b98e6776d4708d9d6f0d7c0c926ff3105

  • SHA512

    def763a9ac715e9443d5afcac7bd8f3028ffa97f19766158fd3e5cdf710b7379182b18529858751422fc46cee79cfe90ade995d73f8e68b92fb560416450def3

  • SSDEEP

    12288:GfX25krtcNSYIgaqmkllWvxgRs0QYst8Lny2Z7ECwfHP9Mkp/Km3fyBGme2:GfX25krtcNSYIgdu704a1/+/0Gmt

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: MapViewOfSection 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\7f89e0d7af8a5d3aac55f8e431a7155d.exe
    "C:\Users\Admin\AppData\Local\Temp\7f89e0d7af8a5d3aac55f8e431a7155d.exe"
    1⤵
    • Suspicious behavior: MapViewOfSection
    • Suspicious use of WriteProcessMemory
    PID:2956
    • C:\Users\Admin\AppData\Local\Temp\7f89e0d7af8a5d3aac55f8e431a7155d.exe
      "C:\Users\Admin\AppData\Local\Temp\7f89e0d7af8a5d3aac55f8e431a7155d.exe"
      2⤵
        PID:2276

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/2956-2-0x0000000000100000-0x0000000000102000-memory.dmp
      Filesize

      8KB

      Download
    • memory/2956-1-0x00000000003E0000-0x00000000004E0000-memory.dmp
      Filesize

      1024KB

      Download