Automated Malware Analysis IOC Report for

Processes

Path

Cmdline

Malicious

C:\Users\user\Desktop\Installer.exe

"C:\Users\user\Desktop\Installer.exe"

Details

Is windows:	false
Is dropped:	false
PID:	3332
Target ID:	0
Parent PID:	1028
Name:	Installer.exe
Path:	C:\Users\user\Desktop\Installer.exe
Commandline:	"C:\Users\user\Desktop\Installer.exe"
Size:	41963008
MD5:	100C1978B1A6ED1E40D5C9FDED0ABFFD
Time:	01:01:08
Date:	26/10/2024
Reason:	newprocess
Reputation:	low
Is admin:	true
Is elevated:	true
Modulebase:	0x8e0000
Modulesize:	53248
Wow64:	true

Signature Hits	Behavior Group	Mitre Attack
Multi AV Scanner detection for submitted file	AV Detection
Sample is known by Antivirus	System Summary
Submission file is bigger than most known malware samples	System Summary

Memdumps

Base Address

Regiontype

Protect

Malicious

AED000

stack

page read and write

5F0000

heap

page read and write

8EB000

unkown

page write copy

8EC000

unkown

page readonly

8E4000

unkown

page readonly

8D0000

heap

page read and write

C68000

heap

page read and write

8E1000

unkown

page execute read

8E8000

unkown

page write copy

B2D000

stack

page read and write

8E7000

unkown

page write copy

8E7000

unkown

page read and write

58D000

stack

page read and write

8EB000

unkown

page write copy

8EC000

unkown

page readonly

C60000

heap

page read and write

8E0000

unkown

page readonly

F5D000

stack

page read and write

C10000

heap

page read and write

8E0000

unkown

page readonly

8E1000

unkown

page execute read

8E4000

unkown

page readonly

There are 12 hidden memdumps, click here to show them.

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

IOC Report
Installer.exe

Processes

Memdumps

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

IOC ReportInstaller.exe

Processes

Memdumps

IOC Report
Installer.exe