Analysis
max time kernel: 117s
max time network: 120s
platform: windows7_x64
resource: win7-20240221-en
resource tags: arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
submitted: 15-03-2024 16:43
Static task
static1
1 signatures
Behavioral task
behavioral1
Sample
8f28e6e7cbb26e8fea9f4159d066d5c2.exe
Resource
win7-20240221-en
windows7-x64
1 signatures
150 seconds
Behavioral task
behavioral2
Sample
8f28e6e7cbb26e8fea9f4159d066d5c2.exe
Resource
win10v2004-20231215-en
windows10-2004-x64
1 signatures
150 seconds
General
Target: 8f28e6e7cbb26e8fea9f4159d066d5c2.exe
Size: 472KB
MD5: 8f28e6e7cbb26e8fea9f4159d066d5c2
SHA1: cd56b84d780ff97e7a3a4097d7f74b449a8813e0
SHA256: 94007c8b546d0dc4f027648b7387172b8da85ce2975e935f44dc3f36417d0ca7
SHA512: 2beac9410fae0ef2f16af15297856ea5f81f684583a7527449c03f045bd24ce6d33eca3623652c6d660bf412b37a92d1ec09106666753bc77942edc1ada8f34b
SSDEEP: 12288:0qdiSGLLpiP53YQREUOzBunZTfueIPdBV4m+ieY:5iJLFiFYAEXzB2ZzgFr4Bie
Score
1/10
Malware Config
Signatures
Suspicious use of WriteProcessMemory 4 IoCs
Processes:
8f28e6e7cbb26e8fea9f4159d066d5c2.exe
description | pid | process | target process
PID 2688 wrote to memory of 2496 | 2688 | 8f28e6e7cbb26e8fea9f4159d066d5c2.exe | cmd.exe
PID 2688 wrote to memory of 2496 | 2688 | 8f28e6e7cbb26e8fea9f4159d066d5c2.exe | cmd.exe
PID 2688 wrote to memory of 2496 | 2688 | 8f28e6e7cbb26e8fea9f4159d066d5c2.exe | cmd.exe
PID 2688 wrote to memory of 2496 | 2688 | 8f28e6e7cbb26e8fea9f4159d066d5c2.exe | cmd.exe