1a27f79e136dcf403bb71babaa451996c96ec8f542d1967935cc614ff799ac81

Analysis

max time kernel
118s
max time network
119s
platform
windows7_x64
resource
win7-20231215-en
resource tags

arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
submitted
13/02/2024, 19:38

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

99f5f3fea5235a689f0420d6be2ca72b.exe
Size

443KB
MD5

99f5f3fea5235a689f0420d6be2ca72b
SHA1

016c8cd757d8b2ef6525bd4da5332566d95a0d15
SHA256

1a27f79e136dcf403bb71babaa451996c96ec8f542d1967935cc614ff799ac81
SHA512

a74f3924e6de57e9f5b738636c1de890a42572f60e98c216f231c9208f703959add118e780d778068afa632bb1f20943ebe8c6e1ff85875b321ea437b490790c
SSDEEP

12288:cyp284UGhoWoQEF3Z4mxxU2U1N55vplUqBV:cyDQmXTUFJpzV

Score

5^/10

Malware Config

Signatures

Suspicious use of SetThreadContext 1 IoCs

description	pid	Process	procid_target
PID 2256 set thread context of 1996	2256	99f5f3fea5235a689f0420d6be2ca72b.exe	28

Suspicious use of WriteProcessMemory 6 IoCs

description	pid	Process	procid_target
PID 2256 wrote to memory of 1996	2256	99f5f3fea5235a689f0420d6be2ca72b.exe	28
PID 2256 wrote to memory of 1996	2256	99f5f3fea5235a689f0420d6be2ca72b.exe	28
PID 2256 wrote to memory of 1996	2256	99f5f3fea5235a689f0420d6be2ca72b.exe	28
PID 2256 wrote to memory of 1996	2256	99f5f3fea5235a689f0420d6be2ca72b.exe	28
PID 2256 wrote to memory of 1996	2256	99f5f3fea5235a689f0420d6be2ca72b.exe	28
PID 2256 wrote to memory of 1996	2256	99f5f3fea5235a689f0420d6be2ca72b.exe	28

C:\Users\Admin\AppData\Local\Temp\99f5f3fea5235a689f0420d6be2ca72b.exe
"C:\Users\Admin\AppData\Local\Temp\99f5f3fea5235a689f0420d6be2ca72b.exe"
1⤵
- Suspicious use of SetThreadContext
- Suspicious use of WriteProcessMemory
PID:2256
- C:\Users\Admin\AppData\Local\Temp\99f5f3fea5235a689f0420d6be2ca72b.exe
  C:\Users\Admin\AppData\Local\Temp\99f5f3fea5235a689f0420d6be2ca72b.exe
  2⤵
  PID:1996

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1996-22-0x0000000000400000-0x0000000000473000-memory.dmp

Filesize
460KB

Download
memory/1996-13-0x0000000000400000-0x0000000000473000-memory.dmp

Filesize
460KB

Download
memory/1996-18-0x000000007EFDE000-0x000000007EFDF000-memory.dmp

Filesize
4KB

Download
memory/1996-26-0x0000000000400000-0x0000000000473000-memory.dmp

Filesize
460KB

Download
memory/1996-28-0x0000000010000000-0x0000000010074000-memory.dmp

Filesize
464KB

Download
memory/2256-8-0x0000000001E80000-0x0000000001E81000-memory.dmp

Filesize
4KB

Download
memory/2256-19-0x0000000003140000-0x0000000003141000-memory.dmp

Filesize
4KB

Download
memory/2256-7-0x0000000001E90000-0x0000000001E91000-memory.dmp

Filesize
4KB

Download
memory/2256-6-0x0000000001E20000-0x0000000001E21000-memory.dmp

Filesize
4KB

Download
memory/2256-5-0x0000000001E30000-0x0000000001E31000-memory.dmp

Filesize
4KB

Download
memory/2256-4-0x00000000021B0000-0x00000000021B1000-memory.dmp

Filesize
4KB

Download
memory/2256-3-0x0000000001E50000-0x0000000001E51000-memory.dmp

Filesize
4KB

Download
memory/2256-2-0x0000000001E70000-0x0000000001E71000-memory.dmp

Filesize
4KB

Download
memory/2256-14-0x00000000003E0000-0x00000000003E1000-memory.dmp

Filesize
4KB

Download
memory/2256-16-0x00000000003F0000-0x00000000003F1000-memory.dmp

Filesize
4KB

Download
memory/2256-17-0x0000000003150000-0x0000000003151000-memory.dmp

Filesize
4KB

Download
memory/2256-0-0x0000000010000000-0x0000000010074000-memory.dmp

Filesize
464KB

Download
memory/2256-9-0x00000000021C0000-0x00000000021C1000-memory.dmp

Filesize
4KB

Download
memory/2256-10-0x0000000001E40000-0x0000000001E41000-memory.dmp

Filesize
4KB

Download
memory/2256-27-0x0000000001B80000-0x0000000001BD4000-memory.dmp

Filesize
336KB

Download
memory/2256-11-0x0000000003120000-0x0000000003121000-memory.dmp

Filesize
4KB

Download
memory/2256-24-0x0000000010000000-0x0000000010074000-memory.dmp

Filesize
464KB

Download
memory/2256-23-0x0000000003200000-0x0000000003274000-memory.dmp

Filesize
464KB

Download
memory/2256-21-0x0000000003130000-0x0000000003131000-memory.dmp

Filesize
4KB

Download
memory/2256-12-0x0000000003110000-0x0000000003111000-memory.dmp

Filesize
4KB

Download
memory/2256-1-0x0000000001B80000-0x0000000001BD4000-memory.dmp

Filesize
336KB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads