Overview

overview

3

Static

static

3

Space Simu...on.exe

windows7-x64

1

Space Simu...on.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    16s
  • max time network
    22s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    12-02-2024 20:04

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Space Simulation/Space Simulation.exe

  • Size

    66.4MB

  • MD5

    9209d9cbc3be758c7963f0f321ed5f0b

  • SHA1

    2d46dd5d33f9f214fffa463787b609af5363359c

  • SHA256

    4960a52be7a22e3744a78b046c9feb1129c0555f4eefb91e0216348eb84cb331

  • SHA512

    7acf2aa954c8a592d96e4eb16117d4fc9019c76d5cbb4c5ab21f286245e848853c82dfe737a2fb2a54d476b064e587ecfd0ce0d1417c2604305c5bb34c014615

  • SSDEEP

    393216:Teb7kYcaTNSUUFhl//q0byoX8DUIxmodqxuI6t/t7D73:Teb7kYcaBdUFXqroXyQ2/t7

Score
1/10

Malware Config

Signatures

  • Suspicious use of SetWindowsHookEx 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\Space Simulation\Space Simulation.exe
    "C:\Users\Admin\AppData\Local\Temp\Space Simulation\Space Simulation.exe"
    1⤵
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2008
    • C:\Windows\system32\WerFault.exe
      C:\Windows\system32\WerFault.exe -u -p 2008 -s 192
      2⤵
        PID:2784

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/2008-1-0x000000013F720000-0x0000000143B40000-memory.dmp

      Filesize

      68.1MB

      Download