Automated Malware Analysis IOC Report for

Processes

Path

Cmdline

Malicious

C:\Users\user\Desktop\hv7H7u7IvS.exe

"C:\Users\user\Desktop\hv7H7u7IvS.exe"

Details

Is windows:	false
Is dropped:	false
PID:	1004
Target ID:	0
Parent PID:	2580
Name:	hv7H7u7IvS.exe
Path:	C:\Users\user\Desktop\hv7H7u7IvS.exe
Commandline:	"C:\Users\user\Desktop\hv7H7u7IvS.exe"
Size:	30408704
MD5:	50F45A0537EAC244E3AFA4F07684095D
Time:	22:23:57
Date:	26/04/2024
Reason:	newprocess
Reputation:	low
Is admin:	true
Is elevated:	true
Modulebase:	0x7ff66dd50000
Modulesize:	360448
Wow64:	false

Signature Hits	Behavior Group	Mitre Attack
PE file contains sections with non-standard names	Data Obfuscation
PE file has an executable .text section and no other executable section	System Summary
Sample reads its own file content	System Summary
PE file contains a valid data directory to section mapping	System Summary
PE file contains a debug data directory	System Summary
Contains modern PE file flags such as dynamic base (ASLR) or NX	Compliance, System Summary
PE file contains a mix of data directories often seen in goodware	System Summary
PE file has a high image base, often used for DLLs	System Summary
Submission file is bigger than most known malware samples	System Summary

Memdumps

Base Address

Regiontype

Protect

Malicious

7FF66DD91000

unkown

page read and write

1F09DFED000

heap

page read and write

7FF66DD50000

unkown

page readonly

1F09FA60000

heap

page read and write

1F09DFE0000

heap

page read and write

1F09FA65000

heap

page read and write

1F09DFF1000

heap

page read and write

1F09DFF7000

heap

page read and write

7FF66DD7C000

unkown

page readonly

1F09DFED000

heap

page read and write

1F09DFDF000

heap

page read and write

1F09E1C0000

heap

page read and write

C9DC9DE000

stack

page read and write

1F09E0D0000

heap

page read and write

7FF66DD7C000

unkown

page readonly

1F09DFE3000

heap

page read and write

1F09DFE3000

heap

page read and write

1F09DFC0000

heap

page read and write

C9DC7E6000

stack

page read and write

1F09DFEE000

heap

page read and write

7FF66DD50000

unkown

page readonly

7FF66DD93000

unkown

page readonly

7FF66DD51000

unkown

page execute read

1F09DFC8000

heap

page read and write

1F0A2B10000

trusted library allocation

page read and write

1F09DFF2000

heap

page read and write

7FF66DD93000

unkown

page readonly

7FF66DD8F000

unkown

page write copy

1F09DFFE000

heap

page read and write

1F09FA6A000

heap

page read and write

1F0A12D3000

heap

page read and write

C9DCBCE000

stack

page read and write

1F09FA00000

heap

page read and write

1F09E1B0000

heap

page readonly

1F09F990000

heap

page read and write

1F0A12D0000

heap

page read and write

7FF66DD8F000

unkown

page read and write

7FF66DD51000

unkown

page execute read

1F09FA70000

heap

page read and write

1F09E00A000

heap

page read and write

There are 30 hidden memdumps, click here to show them.

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

IOC Report
hv7H7u7IvS.exe

Processes

Memdumps

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

IOC Reporthv7H7u7IvS.exe

Processes

Memdumps

IOC Report
hv7H7u7IvS.exe