6edd31ec53c3a4b34fb3212237c1a6ebe10dac9900da573b5d61d408105bd7b0 | Triage

Analysis

max time kernel
129s
max time network
134s
platform
windows10_x64
resource
win10
submitted
09-07-2020 07:03

Sharing

Report Analysis Logs

General

Target

6edd31ec53c3a4b34fb3212237c1a6ebe10dac9900da573b5d61d408105bd7b0.exe
Size

152KB
MD5

ed4607d598d73bb8253e95ea4ce52bd6
SHA1

a99e39c42f0c8296e566b79818f51ca454eb2f09
SHA256

6edd31ec53c3a4b34fb3212237c1a6ebe10dac9900da573b5d61d408105bd7b0
SHA512

67882424acd32c3777e48ac67e2bfe80db78596f134f8996ac43873a56186e06cbe68a60ab403a6546475a1f07853f3431e96f87890452d48fc726252679dedd

Score

8^/10

Malware Config

Signatures

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 2920 wrote to memory of 3052	2920	6edd31ec53c3a4b34fb3212237c1a6ebe10dac9900da573b5d61d408105bd7b0.exe	68
PID 2920 wrote to memory of 3052	2920	6edd31ec53c3a4b34fb3212237c1a6ebe10dac9900da573b5d61d408105bd7b0.exe	68
PID 2920 wrote to memory of 3052	2920	6edd31ec53c3a4b34fb3212237c1a6ebe10dac9900da573b5d61d408105bd7b0.exe	68

Executes dropped EXE 1 IoCs

pid	Process
3052	bdif.exe

NTFS ADS 1 IoCs

description	ioc	Process
File created	\??\c:\programdata\e6533cd889\bdif.exe:Zone.Identifier	6edd31ec53c3a4b34fb3212237c1a6ebe10dac9900da573b5d61d408105bd7b0.exe

C:\Users\Admin\AppData\Local\Temp\6edd31ec53c3a4b34fb3212237c1a6ebe10dac9900da573b5d61d408105bd7b0.exe
"C:\Users\Admin\AppData\Local\Temp\6edd31ec53c3a4b34fb3212237c1a6ebe10dac9900da573b5d61d408105bd7b0.exe"
1⤵
- Suspicious use of WriteProcessMemory
- NTFS ADS
PID:2920
- \??\c:\programdata\e6533cd889\bdif.exe
  c:\programdata\e6533cd889\bdif.exe
  2⤵
  - Executes dropped EXE
  PID:3052

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/2920-0-0x00000000001E0000-0x00000000001F0000-memory.dmp

Filesize
64KB

Download
memory/2920-1-0x00000000004B0000-0x00000000004D5000-memory.dmp

Filesize
148KB

Download
memory/3052-6-0x0000000000470000-0x0000000000495000-memory.dmp

Filesize
148KB

Download