Overview

overview

10

Static

static

1

3055C4B82D...36.exe

windows7-x64

3

3055C4B82D...36.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    140s
  • max time network
    123s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
  • submitted
    22-07-2024 11:11

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    3055C4B82D8B627DB373614C77883636.exe

  • Size

    5.2MB

  • MD5

    3055c4b82d8b627db373614c77883636

  • SHA1

    6527d951a4a2eedcb8aa42438379d171d9e3da98

  • SHA256

    bd317f7382a91fd100ed8248422c1310328ca9f03eb42075ae4d231c73b46225

  • SHA512

    a636097869a9bf661056d2f7c9d25761350eaf8b30aa52e6045ebff28a62e1dfa37c7378d21625ccf1e5dd072bd4dc084da5b9139e8d2a8d735e0e1345a04fd3

  • SSDEEP

    98304:6L12oHlXRYNuSt4uqkQfgNFdv0MlYi2WDS7HiZ+NmvXvEeRORwf12FA/AjOAAmNy:m1lXRYNuSt4uqffu0MyYSuZ+NIXvEF6f

Score
3/10

Malware Config

Signatures

  • Program crash 1 IoCs
  • Suspicious behavior: EnumeratesProcesses 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\3055C4B82D8B627DB373614C77883636.exe
    "C:\Users\Admin\AppData\Local\Temp\3055C4B82D8B627DB373614C77883636.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of WriteProcessMemory
    PID:1724
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -u -p 1724 -s 216
      2⤵
      • Program crash
      PID:1832

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\616062ba
    Filesize

    2.3MB

    MD5

    55283059541cd6152f1e32c45f76a3c9

    SHA1

    25f96eb8a3df3f01ea450c1041174340cafed69c

    SHA256

    b8f00eda9789e6fe25d64f0e9181cb43f26c83878bf183437b06f2f04d758eaa

    SHA512

    e5cecdccbf1a84a1bd184e7a6999c4ec147a27302681dc1a4ba0f2db87f27f45e57b2218faebc97c4ce32c8a660546d8726c5219afe40aa7c1d69c8749cbd05e

    Download Submit

  • memory/1724-0-0x0000000000400000-0x000000000093B000-memory.dmp

    Filesize

    5.2MB

    Download

  • memory/1724-6-0x00000000754E0000-0x0000000075538000-memory.dmp

    Filesize

    352KB

    Download

  • memory/1724-7-0x0000000077CA0000-0x0000000077E49000-memory.dmp

    Filesize

    1.7MB

    Download

  • memory/1724-8-0x0000000000400000-0x000000000093B000-memory.dmp

    Filesize

    5.2MB

    Download