Analysis
-
max time kernel
46s -
max time network
16s -
platform
windows7_x64 -
resource
win7-20231215-en -
resource tags
arch:x64 arch:x86 image:win7-20231215-en locale:en-us os:windows7-x64 system -
submitted
04-02-2024 15:30
Behavioral task
behavioral1
Sample
Spy Note 6.4/SpyNote Cracked.exe
Resource
win7-20231215-en
windows7-x64
1 signatures
150 seconds
Behavioral task
behavioral2
Sample
Spy Note 6.4/SpyNote Cracked.exe
Resource
win10v2004-20231222-en
windows10-2004-x64
0 signatures
150 seconds
General
-
Target
Spy Note 6.4/SpyNote Cracked.exe
-
Size
6.1MB
-
MD5
b4bb4a074169545d22ad0278e66ec96b
-
SHA1
c386177d35f0959fa55606df1bb6995b46030c61
-
SHA256
b3ca2f2cc15a16fc390172a9507337dc1f73d3501b46e2c761238171456654ae
-
SHA512
c0374732df1bdc15fac5229019d2962485d9a221b970690c1d2e6eb0af6401b0c98fc5d9e1584b7896e28c122afb1faa196ae5ba441f234a522c2746c5931998
-
SSDEEP
98304:Op2AEpDZEXXZlZYZlbHn7CFK5PnOSPz3ZhqARLlJQHagle:OQvdZEXpGbH7CU9OiphhxlJJg
Score
1/10
Malware Config
Signatures
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes:
SpyNote Cracked.exe
description | pid | process | target process
PID 1948 wrote to memory of 3032 | 1948 | SpyNote Cracked.exe | WerFault.exe
PID 1948 wrote to memory of 3032 | 1948 | SpyNote Cracked.exe | WerFault.exe
PID 1948 wrote to memory of 3032 | 1948 | SpyNote Cracked.exe | WerFault.exe
Processes
Network
MITRE ATT&CK Matrix
Downloads
-
memory/1948-1-0x000007FEF5430000-0x000007FEF5E1C000-memory.dmp
Filesize
9.9MB
-
memory/1948-0-0x00000000007C0000-0x0000000000DE0000-memory.dmp
Filesize
6.1MB
-
memory/1948-2-0x0000000002470000-0x00000000024EA000-memory.dmp
Filesize
488KB
-
memory/1948-3-0x000000001B720000-0x000000001B7A0000-memory.dmp
Filesize
512KB
-
memory/1948-4-0x000007FEF5430000-0x000007FEF5E1C000-memory.dmp
Filesize
9.9MB