cf25791f9efef277c057d2c9ad22278e19a4e080487d90b483fa7d91866539b8

Analysis

max time kernel
121s
max time network
126s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
18/03/2024, 19:05

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

d4484acf2ddbaa23f052e43c1d36250b.exe
Size

196KB
MD5

d4484acf2ddbaa23f052e43c1d36250b
SHA1

bb208b312e3bcc669b1130e9ec15173732cb6830
SHA256

cf25791f9efef277c057d2c9ad22278e19a4e080487d90b483fa7d91866539b8
SHA512

31644a2be633bf26e3c86c760c2b87fde4f7fce15afcc60c601777147643e89b112bfbe0b184721e262ea4f314a71471c2dc26e35302d2223ddb39d45ac8269c
SSDEEP

3072:LSfb5atc5fU3Mdasu2F5LmnlzVUsfAgYo0i+8ZWFYzf5IszzOXRncPG5:Lsje6uILmzUHgDY80GfeazOXpH

Score

1^/10

Malware Config

Signatures

Suspicious behavior: EnumeratesProcesses 1 IoCs

pid	Process
2248	d4484acf2ddbaa23f052e43c1d36250b.exe

Suspicious use of WriteProcessMemory 6 IoCs

description	pid	Process	procid_target
PID 2248 wrote to memory of 1364	2248	d4484acf2ddbaa23f052e43c1d36250b.exe	21
PID 2248 wrote to memory of 1364	2248	d4484acf2ddbaa23f052e43c1d36250b.exe	21
PID 2248 wrote to memory of 1364	2248	d4484acf2ddbaa23f052e43c1d36250b.exe	21
PID 2248 wrote to memory of 1364	2248	d4484acf2ddbaa23f052e43c1d36250b.exe	21
PID 2248 wrote to memory of 1364	2248	d4484acf2ddbaa23f052e43c1d36250b.exe	21
PID 2248 wrote to memory of 1364	2248	d4484acf2ddbaa23f052e43c1d36250b.exe	21

C:\Windows\Explorer.EXE
C:\Windows\Explorer.EXE
1⤵
PID:1364
- C:\Users\Admin\AppData\Local\Temp\d4484acf2ddbaa23f052e43c1d36250b.exe
  "C:\Users\Admin\AppData\Local\Temp\d4484acf2ddbaa23f052e43c1d36250b.exe"
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  - Suspicious use of WriteProcessMemory
  PID:2248

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1364-19-0x000000007EFC0000-0x000000007EFC6000-memory.dmp

Filesize
24KB

Download
memory/1364-8-0x000000007FFF0000-0x000000007FFF1000-memory.dmp

Filesize
4KB

Download
memory/2248-11-0x00000000769A0000-0x0000000076AB0000-memory.dmp

Filesize
1.1MB

Download
memory/2248-33-0x0000000000260000-0x0000000000299000-memory.dmp

Filesize
228KB

Download
memory/2248-18-0x0000000010000000-0x0000000010012000-memory.dmp

Filesize
72KB

Download
memory/2248-16-0x0000000077401000-0x0000000077402000-memory.dmp

Filesize
4KB

Download
memory/2248-14-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/2248-12-0x0000000001F60000-0x0000000001F70000-memory.dmp

Filesize
64KB

Download
memory/2248-34-0x00000000769A0000-0x0000000076AB0000-memory.dmp

Filesize
1.1MB

Download
memory/2248-31-0x0000000077438000-0x0000000077439000-memory.dmp

Filesize
4KB

Download
memory/2248-7-0x00000000002E0000-0x00000000002F0000-memory.dmp

Filesize
64KB

Download
memory/2248-6-0x00000000004D0000-0x00000000004E0000-memory.dmp

Filesize
64KB

Download
memory/2248-5-0x00000000773FF000-0x0000000077400000-memory.dmp

Filesize
4KB

Download
memory/2248-4-0x0000000077400000-0x0000000077401000-memory.dmp

Filesize
4KB

Download
memory/2248-3-0x0000000000260000-0x0000000000299000-memory.dmp

Filesize
228KB

Download
memory/2248-2-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download
memory/2248-1-0x0000000000220000-0x0000000000224000-memory.dmp

Filesize
16KB

Download
memory/2248-0-0x0000000000400000-0x000000000042B000-memory.dmp

Filesize
172KB

Download