cea699be9ae7dfa92d1725a9ece33071f1e707e9cde5ec5137d4a28f1f74a10d | Triage

Analysis

max time kernel
146s
max time network
151s
platform
windows10_x64
resource
win10v20210408
submitted
28-08-2021 21:24

Sharing

Report Analysis Logs

General

Target

e9dc207df074b319b6144fa436f80bed.exe
Size

13KB
MD5

e9dc207df074b319b6144fa436f80bed
SHA1

14fb934fa837c3cecede8c96f59d5436624d7338
SHA256

cea699be9ae7dfa92d1725a9ece33071f1e707e9cde5ec5137d4a28f1f74a10d
SHA512

e46b21d0494cf6e98f5f58a4f53aa0c1d34a83566e47ca1292d45cac40df9b875029762679bf3f378c79cb0d652d37dfd1a7a1462cff4e75ab211b888dbcd04c

Score

4^/10

Malware Config

Signatures

Drops file in Windows directory 2 IoCs

Processes:

e9dc207df074b319b6144fa436f80bed.exe

description	ioc	process
File created	C:\Windows\Tasks\wow64.job	e9dc207df074b319b6144fa436f80bed.exe
File opened for modification	C:\Windows\Tasks\wow64.job	e9dc207df074b319b6144fa436f80bed.exe

C:\Users\Admin\AppData\Local\Temp\e9dc207df074b319b6144fa436f80bed.exe
"C:\Users\Admin\AppData\Local\Temp\e9dc207df074b319b6144fa436f80bed.exe"
1⤵
- Drops file in Windows directory
PID:632

C:\Users\Admin\AppData\Local\Temp\e9dc207df074b319b6144fa436f80bed.exe
C:\Users\Admin\AppData\Local\Temp\e9dc207df074b319b6144fa436f80bed.exe start
1⤵
PID:4088

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...