Overview

overview

3

Static

static

3

8c83ef473a...3c.exe

windows7-x64

1

8c83ef473a...3c.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    117s
  • max time network
    117s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags

    arch:x64arch:x86image:win7-20231129-enlocale:en-usos:windows7-x64system
  • submitted
    03/02/2024, 14:05

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    8c83ef473a2f62b0c780387a5058913c.exe

  • Size

    136KB

  • MD5

    8c83ef473a2f62b0c780387a5058913c

  • SHA1

    165a149c6f2a2388759dfc563a06f3015dee9a58

  • SHA256

    bdb971813f0fa05991384623c89da4171229bede00f96a6016b4197df5c5e972

  • SHA512

    45ef249f616c4ded9cf14ff1f2d79d737aaee28815ab80be46f6c525b9c6dbd21ddcdaf908a798dac42f94e03d765adbb1209153f71738d3a5a7446383638021

  • SSDEEP

    3072:XQGRzXgI4B7gjiATyEAQiXthEYFhKQsxUslkBE:gAH4B0+ATyEwXtnhKQsxUsls

Score
1/10

Malware Config

Signatures

  • Suspicious use of UnmapMainImage 1 IoCs
  • Suspicious use of WriteProcessMemory 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\8c83ef473a2f62b0c780387a5058913c.exe
    "C:\Users\Admin\AppData\Local\Temp\8c83ef473a2f62b0c780387a5058913c.exe"
    1⤵
    • Suspicious use of UnmapMainImage
    • Suspicious use of WriteProcessMemory
    PID:2872
  • C:\Windows\Explorer.EXE
    C:\Windows\Explorer.EXE
    1⤵
      PID:1380

    Network

          MITRE ATT&CK Matrix

          Replay Monitor

          Loading Replay Monitor...

          Downloads

          • memory/1380-1-0x0000000002E70000-0x0000000002E7C000-memory.dmp

            Filesize

            48KB

            Download

          • memory/1380-0-0x0000000002E70000-0x0000000002E7C000-memory.dmp

            Filesize

            48KB

            Download

          • memory/2872-3-0x0000000000780000-0x0000000000782000-memory.dmp

            Filesize

            8KB

            Download

          • memory/2872-2-0x0000000000400000-0x0000000000418000-memory.dmp

            Filesize

            96KB

            Download

          • memory/2872-4-0x0000000000780000-0x0000000000782000-memory.dmp

            Filesize

            8KB

            Download