Overview

overview

3

Static

static

3

1aae8d9ab9...a7.exe

windows7-x64

1

1aae8d9ab9...a7.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    149s
  • max time network
    120s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    30/12/2023, 13:54

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    1aae8d9ab91e55d14990e7495042dea7.exe

  • Size

    111KB

  • MD5

    1aae8d9ab91e55d14990e7495042dea7

  • SHA1

    a3fbea652f1174639952aff44bbe8d2d2ce46c1e

  • SHA256

    6cac6b66befca3bf10b5b08665dc401b87a04f4931d8a59e589c778172d0f839

  • SHA512

    1c224b5a2f21be62bb57626d55fa207e554188a30a1b8ac287e4aa8423fe74de52e7cc5f097b733333c1c7b19fe9efd0f753dcafcd05e2780e2574aa0502ba12

  • SSDEEP

    1536:R+Xob09sc9WGa0AGJlK+imQjWMnARo+cgBuyuib3i6J9f6k1XGrsVB:UXLscyMlhQjWMnARoYuyufk1XGoV

Score
1/10

Malware Config

Signatures

  • Suspicious use of UnmapMainImage 1 IoCs
  • Suspicious use of WriteProcessMemory 7 IoCs

Processes

  • C:\Windows\SysWOW64\svchost.exe
    svchost.exe
    1⤵
      PID:1792
    • C:\Users\Admin\AppData\Local\Temp\1aae8d9ab91e55d14990e7495042dea7.exe
      "C:\Users\Admin\AppData\Local\Temp\1aae8d9ab91e55d14990e7495042dea7.exe"
      1⤵
      • Suspicious use of UnmapMainImage
      • Suspicious use of WriteProcessMemory
      PID:2672

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/1792-5-0x00000000000C0000-0x00000000000C9000-memory.dmp

      Filesize

      36KB

      Download

    • memory/1792-4-0x00000000000C0000-0x00000000000C9000-memory.dmp

      Filesize

      36KB

      Download

    • memory/1792-2-0x00000000000C0000-0x00000000000C9000-memory.dmp

      Filesize

      36KB

      Download

    • memory/1792-9-0x00000000000C0000-0x00000000000C9000-memory.dmp

      Filesize

      36KB

      Download

    • memory/2672-1-0x0000000000240000-0x0000000000242000-memory.dmp

      Filesize

      8KB

      Download

    • memory/2672-8-0x0000000000400000-0x0000000000414000-memory.dmp

      Filesize

      80KB

      Download

    • memory/2672-3-0x0000000000400000-0x0000000000414000-memory.dmp

      Filesize

      80KB

      Download

    • memory/2672-0-0x0000000000400000-0x0000000000424000-memory.dmp

      Filesize

      144KB

      Download