Overview

overview

3

Static

static

3

9679b8b0e7...fe.exe

windows7-x64

1

9679b8b0e7...fe.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    150s
  • max time network
    124s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    12/02/2024, 06:19

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    9679b8b0e77b96f688e40a84caa3e7fe.exe

  • Size

    94KB

  • MD5

    9679b8b0e77b96f688e40a84caa3e7fe

  • SHA1

    e1143c353a1aabc8564cd73e265cd845a26375bf

  • SHA256

    cb6a9fb938f7ce5429ccddea94548850c02678f0ded7cdeb2e9730059f742b50

  • SHA512

    586397732d933c567d947127f5894318c945e73e2803083aef5e8f9dd4e7bcb0d6a0664e41b0c3a564c9d8e21189a6fb9e99dd29cc84d866b4ad0f08e6a6e4c6

  • SSDEEP

    1536:KH/BlFTXLBtB55FPujck2fLbTq3j5FPai6q7kxYwJsYiaCQCMonxM:KBbLBtBRP6+XTnLq7kPJswCVM2xM

Score
1/10

Malware Config

Signatures

  • Suspicious use of UnmapMainImage 1 IoCs
  • Suspicious use of WriteProcessMemory 7 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\9679b8b0e77b96f688e40a84caa3e7fe.exe
    "C:\Users\Admin\AppData\Local\Temp\9679b8b0e77b96f688e40a84caa3e7fe.exe"
    1⤵
    • Suspicious use of UnmapMainImage
    • Suspicious use of WriteProcessMemory
    PID:3044
    • C:\Windows\SysWOW64\svchost.exe
      svchost.exe
      2⤵
        PID:1728

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/1728-2-0x0000000000080000-0x0000000000089000-memory.dmp

      Filesize

      36KB

      Download

    • memory/1728-3-0x0000000000080000-0x0000000000089000-memory.dmp

      Filesize

      36KB

      Download

    • memory/1728-4-0x0000000000080000-0x0000000000089000-memory.dmp

      Filesize

      36KB

      Download

    • memory/1728-8-0x0000000000080000-0x0000000000089000-memory.dmp

      Filesize

      36KB

      Download

    • memory/3044-0-0x00000000002F0000-0x00000000002F1000-memory.dmp

      Filesize

      4KB

      Download

    • memory/3044-1-0x0000000000400000-0x0000000000414000-memory.dmp

      Filesize

      80KB

      Download

    • memory/3044-5-0x0000000000400000-0x0000000000414000-memory.dmp

      Filesize

      80KB

      Download