Overview

overview

1

Static

static

1

Install_x64.exe

windows7-x64

1

Install_x64.exe

windows10-2004-x64

1

Resubmissions

06/09/2024, 03:18

240906-dt2qestblk 1

06/09/2024, 02:30

240906-czemea1ejj 1

06/09/2024, 02:25

240906-cwf13a1cpj 1

Analysis

  • max time kernel
    70s
  • max time network
    77s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    06/09/2024, 02:25

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Install_x64.exe

  • Size

    151.9MB

  • MD5

    7ded7c0dd151c41aee9867c63f21e3b1

  • SHA1

    6eda6d6fdf9d5abdef5718d0c1c417cc1889bd54

  • SHA256

    3483d23cd51178fc5acf925034617dd64622f635edad747697bc60a4f07d5265

  • SHA512

    a2b09425cf7bf7a98bb927a85002d89d3e2c3d3504beb8ca0cd677634ea0a913a44684f1e8e146d1be23a4a50a5e36c9c75838f82d36a6e5dd74ee9d905a3d7a

  • SSDEEP

    786432:4t28SOkMhfqpHCOdRIeoxOTx9ylnEk2Fd7yLie63pk3lLwmYEDN:4tiOkMMi5w9qEn7S6S3zYQ

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\Install_x64.exe
    "C:\Users\Admin\AppData\Local\Temp\Install_x64.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2008
    • C:\Windows\system32\WerFault.exe
      C:\Windows\system32\WerFault.exe -u -p 2008 -s 540
      2⤵
        PID:2764
    • C:\Windows\explorer.exe
      "C:\Windows\explorer.exe"
      1⤵
        PID:2828

      Network

      MITRE ATT&CK Matrix

      Replay Monitor

      Loading Replay Monitor...

      Downloads

      • memory/2008-5-0x00000000032C0000-0x0000000003DE0000-memory.dmp

        Filesize

        11.1MB

        Download

      • memory/2008-9-0x0000000140255000-0x0000000140256000-memory.dmp

        Filesize

        4KB

        Download

      • memory/2008-14-0x00000000061E0000-0x0000000006410000-memory.dmp

        Filesize

        2.2MB

        Download

      • memory/2008-11-0x0000000005260000-0x00000000061E0000-memory.dmp

        Filesize

        15.5MB

        Download

      • memory/2008-18-0x0000000006570000-0x00000000066D0000-memory.dmp

        Filesize

        1.4MB

        Download

      • memory/2008-22-0x0000000001D90000-0x0000000001DD0000-memory.dmp

        Filesize

        256KB

        Download

      • memory/2008-26-0x0000000000180000-0x0000000000190000-memory.dmp

        Filesize

        64KB

        Download

      • memory/2008-30-0x0000000006AC0000-0x0000000006BE0000-memory.dmp

        Filesize

        1.1MB

        Download

      • memory/2008-38-0x0000000000310000-0x0000000000330000-memory.dmp

        Filesize

        128KB

        Download

      • memory/2008-35-0x0000000002550000-0x0000000002600000-memory.dmp

        Filesize

        704KB

        Download