Overview

overview

7

Static

static

7

511bd280c4...d7.exe

windows7-x64

1

511bd280c4...d7.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    120s
  • max time network
    123s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    10-01-2024 16:57

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    511bd280c4222a561cd3c48cb980ddd7.exe

  • Size

    37KB

  • MD5

    511bd280c4222a561cd3c48cb980ddd7

  • SHA1

    6d54171d08160e499dc37f7f2ec7e414b1723032

  • SHA256

    e8384610927e49744a5d14a7a1c9501118b0c9c5c61799939ab330087f4b6d5b

  • SHA512

    89b71554bd1a2648bb442ba6826ccd5021c0dad686021025553074ae6d5af361ed7b7b6c56108d19a96bf8303def9d50b7dfbec5853adc6113f56b3dd5f4fd79

  • SSDEEP

    768:ZYegiyHmmVA7MVWXvXVGul4bdpllHTI0uffSLGrq8kQXHS:gNG1lGul4bdZHruSLskn

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: EnumeratesProcesses 2 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Windows\Explorer.EXE
    C:\Windows\Explorer.EXE
    1⤵
      PID:1208
      • C:\Users\Admin\AppData\Local\Temp\511bd280c4222a561cd3c48cb980ddd7.exe
        "C:\Users\Admin\AppData\Local\Temp\511bd280c4222a561cd3c48cb980ddd7.exe"
        2⤵
        • Suspicious behavior: EnumeratesProcesses
        • Suspicious use of WriteProcessMemory
        PID:2252

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/1208-7-0x000000007FFF0000-0x000000007FFF7000-memory.dmp

      Filesize

      28KB

      Download

    • memory/1208-10-0x000000007EFD0000-0x000000007EFD1000-memory.dmp

      Filesize

      4KB

      Download

    • memory/2252-4-0x00000000002B0000-0x00000000002B1000-memory.dmp

      Filesize

      4KB

      Download

    • memory/2252-5-0x0000000000400000-0x000000000041708F-memory.dmp

      Filesize

      92KB

      Download

    • memory/2252-3-0x00000000002C0000-0x00000000002C1000-memory.dmp

      Filesize

      4KB

      Download

    • memory/2252-2-0x0000000000400000-0x000000000041708F-memory.dmp

      Filesize

      92KB

      Download

    • memory/2252-0-0x0000000000400000-0x000000000041708F-memory.dmp

      Filesize

      92KB

      Download

    • memory/2252-6-0x0000000010000000-0x0000000010013000-memory.dmp

      Filesize

      76KB

      Download

    • memory/2252-20-0x0000000010000000-0x0000000010013000-memory.dmp

      Filesize

      76KB

      Download

    • memory/2252-19-0x0000000000400000-0x000000000041708F-memory.dmp

      Filesize

      92KB

      Download