Overview

overview

10

Static

static

3

file.exe

windows7-x64

5

file.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    121s
  • max time network
    123s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags

    arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
  • submitted
    09/07/2024, 03:20

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    file.exe

  • Size

    9.9MB

  • MD5

    1f1f4fe201d22d5a3780966ed7244fea

  • SHA1

    176268a77d1496ae64d97467887c494e08dd57a8

  • SHA256

    0914e92d15507742da4feef71b1b21230138b450e334855cd980f46b394c4f71

  • SHA512

    eeec7d6faaad7be0d02e6a7068dd2e667790fa45c1aa80cb23ff497595010a8766601b93a2a93ac3b2943a098090a2515e9b729e1de94d9247b1b40f0d057317

  • SSDEEP

    98304:DFyisqTCKL5RhT3cyQBpU6nEU8/m5xLg:kWjLpjcyQLU6EU

Score
5/10

Malware Config

Signatures

  • Suspicious use of SetThreadContext 1 IoCs
  • Suspicious use of WriteProcessMemory 6 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\file.exe
    "C:\Users\Admin\AppData\Local\Temp\file.exe"
    1⤵
    • Suspicious use of SetThreadContext
    • Suspicious use of WriteProcessMemory
    PID:2692
    • C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exe
      C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exe
      2⤵
        PID:2240

    Network

          MITRE ATT&CK Matrix

          Replay Monitor

          Loading Replay Monitor...

          Downloads

          • memory/2240-5-0x0000000000110000-0x000000000015F000-memory.dmp

            Filesize

            316KB

            Download

          • memory/2240-8-0x000000007EFDE000-0x000000007EFDF000-memory.dmp

            Filesize

            4KB

            Download

          • memory/2240-7-0x0000000000110000-0x000000000015F000-memory.dmp

            Filesize

            316KB

            Download

          • memory/2240-12-0x0000000000110000-0x000000000015F000-memory.dmp

            Filesize

            316KB

            Download

          • memory/2240-11-0x0000000000110000-0x000000000015F000-memory.dmp

            Filesize

            316KB

            Download

          • memory/2692-4-0x000000013F7F0000-0x000000014023B000-memory.dmp

            Filesize

            10.3MB

            Download

          • memory/2692-9-0x000000013F7F0000-0x000000014023B000-memory.dmp

            Filesize

            10.3MB

            Download