Overview

overview

3

Static

static

3

d408526a6f...5e.exe

windows7-x64

1

d408526a6f...5e.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    119s
  • max time network
    124s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    18/03/2024, 16:55

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    d408526a6f74dd6177b9615c4e5b965e.exe

  • Size

    1.0MB

  • MD5

    d408526a6f74dd6177b9615c4e5b965e

  • SHA1

    86069a4810847679bc7e3e725b39b05c1418de57

  • SHA256

    ef597ccf4ec33fd32b79cdc82dd3d0628ca551dd5261adfa36e978a19479c679

  • SHA512

    d0496a242b34c989f9481b3985e9a8bd4958336bdb9565b472dcbf96f0fe3a54c8dc10aa0fb964efacec61262cf59e9949a1f3795123ba965018df777623333c

  • SSDEEP

    24576:jKtI+EfoIlQMUsYQ9ZRtRQVEbxsSzWXLkNsfbIrZ5bqnCHBcNzkrxQ:mtgRiMVYeRHSEbxsS0Lk6CTqnCHG1qQ

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: EnumeratesProcesses 2 IoCs
  • Suspicious use of WriteProcessMemory 6 IoCs

Processes

  • C:\Windows\Explorer.EXE
    C:\Windows\Explorer.EXE
    1⤵
      PID:1256
      • C:\Users\Admin\AppData\Local\Temp\d408526a6f74dd6177b9615c4e5b965e.exe
        "C:\Users\Admin\AppData\Local\Temp\d408526a6f74dd6177b9615c4e5b965e.exe"
        2⤵
        • Suspicious behavior: EnumeratesProcesses
        • Suspicious use of WriteProcessMemory
        PID:2876

    Network

          MITRE ATT&CK Matrix

          Replay Monitor

          Loading Replay Monitor...

          Downloads

          • memory/1256-4-0x000000007FFF0000-0x000000007FFF1000-memory.dmp

            Filesize

            4KB

            Download

          • memory/1256-12-0x000000007EFC0000-0x000000007EFC6000-memory.dmp

            Filesize

            24KB

            Download

          • memory/2876-0-0x0000000000270000-0x0000000000271000-memory.dmp

            Filesize

            4KB

            Download

          • memory/2876-1-0x0000000001E40000-0x0000000001F1E000-memory.dmp

            Filesize

            888KB

            Download

          • memory/2876-2-0x0000000000400000-0x0000000000510000-memory.dmp

            Filesize

            1.1MB

            Download

          • memory/2876-8-0x0000000010000000-0x0000000010011000-memory.dmp

            Filesize

            68KB

            Download

          • memory/2876-6-0x0000000000400000-0x0000000000510000-memory.dmp

            Filesize

            1.1MB

            Download