Analysis
max time kernel: 140s
max time network: 112s
platform: windows10_x64
resource: win10v20201028
submitted: 25-11-2020 09:12
Static task
static1
Behavioral task
behavioral1
Sample
nosto.exe
Resource
win7v20201028
windows7_x64
0 signatures
0 seconds
Behavioral task
behavioral2
Sample
nosto.exe
Resource
win10v20201028
windows10_x64
0 signatures
0 seconds
General
Target: nosto.exe
Size: 1.3MB
MD5: c5b92b47eeb6372edb232deae1bf47d7
SHA1: 7034a52f0ebc2fd0b38c130b229902e33a02c5ed
SHA256: 6f5801587baf461e5a67f49bc6f4b400a8f458dc223f4d3ec9e2eafd9b062f5f
SHA512: e82535143ad12e85ee58b515c536f43a60c6324b79bfad304ac9f19c77ebb6eabd1604cf5d7fb0b8f7bb557ca2cfa11d564bf1d86063c662f3b124eb9c31f9ce
Score: 1/10
Malware Config
Signatures
-
Suspicious behavior: EnumeratesProcesses 2 IoCs
Processes:
nosto.exe
pid  process
816  nosto.exe
816  nosto.exe
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes:
nosto.exe
description  pid  process  target process
PID 816 wrote to memory of 1300  816  nosto.exe  nosto.exe
PID 816 wrote to memory of 1300  816  nosto.exe  nosto.exe
PID 816 wrote to memory of 1300  816  nosto.exe  nosto.exe
Processes
Network
MITRE ATT&CK Matrix
Downloads
-
memory/1300-0-0x0000000000000000-mapping.dmp