Overview

overview

6

Static

static

1

PatchMyPC.exe

windows7-x64

1

PatchMyPC.exe

windows10-2004-x64

6

Analysis

  • max time kernel
    240s
  • max time network
    246s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags

    arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
  • submitted
    18-08-2024 08:30

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    PatchMyPC.exe

  • Size

    2.5MB

  • MD5

    8a5fcb46ed7f458a508f9e7f31b2950c

  • SHA1

    8b68711f8de7ba182427da118644b63083894fee

  • SHA256

    d5a2ddba0ee5c577268d69bbc129046d48f36c8306c8a57d4f6b2e2ded193202

  • SHA512

    c44e4f7b2782d36fe33ef8cbf22e0a2a3a086cde82aa4a2c8856099391ca202f7df7ee84c6f59bba24ada636964edcac1d966fb50c2cd0cad7219af4a273222f

  • SSDEEP

    24576:DEZDSTqCIraM1VVPIpvl1SqEU/+uRuNixgxkaBRrI0kDf:DEo+DraM1VVPIpvl1SQ/+uMOg33Ibr

Score
1/10

Malware Config

Signatures

  • Suspicious use of SetWindowsHookEx 2 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\PatchMyPC.exe
    "C:\Users\Admin\AppData\Local\Temp\PatchMyPC.exe"
    1⤵
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2064
    • C:\Windows\system32\WerFault.exe
      C:\Windows\system32\WerFault.exe -u -p 2064 -s 2088
      2⤵
        PID:2528

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/2064-0-0x000007FEF5583000-0x000007FEF5584000-memory.dmp

      Filesize

      4KB

      Download

    • memory/2064-1-0x00000000009B0000-0x0000000000C2C000-memory.dmp

      Filesize

      2.5MB

      Download

    • memory/2064-2-0x000007FEF5580000-0x000007FEF5F6C000-memory.dmp

      Filesize

      9.9MB

      Download

    • memory/2064-3-0x000007FEF5580000-0x000007FEF5F6C000-memory.dmp

      Filesize

      9.9MB

      Download

    • memory/2064-4-0x000007FEF5580000-0x000007FEF5F6C000-memory.dmp

      Filesize

      9.9MB

      Download

    • memory/2064-5-0x000007FEF5580000-0x000007FEF5F6C000-memory.dmp

      Filesize

      9.9MB

      Download

    • memory/2064-6-0x000007FEF5583000-0x000007FEF5584000-memory.dmp

      Filesize

      4KB

      Download

    • memory/2064-7-0x000007FEF5580000-0x000007FEF5F6C000-memory.dmp

      Filesize

      9.9MB

      Download