Analysis
-
max time kernel
121s -
max time network
125s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system -
submitted
21/05/2024, 19:35
Behavioral task
behavioral1
Sample
avast.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
avast.exe
Resource
win10v2004-20240508-en
General
-
Target
avast.exe
-
Size
40.2MB
-
MD5
99a40c5610866ea995af39f172b448e2
-
SHA1
42849a94592d63ff5013114555130f994455efab
-
SHA256
b7a58e2ca2dcce78f002f12b041ffce01dc7d6faa32c5986ec6720f67e36b175
-
SHA512
e0dfb5720bb1641f58a8c8eac411422c480f386c851948a9c9313cbda8a9d618764835c056c6a98e3ea4b31b97c2fac5295ae9086395218a5d2521a2ad9e622c
-
SSDEEP
786432:V+gX4BMdhwzTQXR5FbPp3CLTFcSS5U/LT2K3jygVLzjvJVS2owW+e5Jz9M:PXGMm4XR3b9CLmSCU/+eyglvv/S2owWS
Malware Config
Signatures
-
Loads dropped DLL 1 IoCs
pid Process 672 avast.exe -
Suspicious use of WriteProcessMemory 3 IoCs
description pid Process procid_target PID 2728 wrote to memory of 672 2728 avast.exe 28 PID 2728 wrote to memory of 672 2728 avast.exe 28 PID 2728 wrote to memory of 672 2728 avast.exe 28
Processes
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
6.6MB
MD55c5602cda7ab8418420f223366fff5db
SHA152f81ee0aef9b6906f7751fd2bbd4953e3f3b798
SHA256e7890e38256f04ee0b55ac5276bbf3ac61392c3a3ce150bb5497b709803e17ce
SHA51251c3b4f29781bb52c137ddb356e1bc5a37f3a25f0ed7d89416b14ed994121f884cb3e40ccdbb211a8989e3bd137b8df8b28e232f98de8f35b03965cfce4b424f