2a1ba880f0cacda99db3eed861bc738a3f8ec6cac2518da431c446851fb4f923 | Triage

Analysis

max time kernel
121s
max time network
121s
platform
windows10_x64
resource
win10-en-20211208
submitted
28-01-2022 08:59

Sharing

Report Analysis Logs

General

Target

98319733830d33ba8fe64960725fd9dd.exe
Size

14KB
MD5

98319733830d33ba8fe64960725fd9dd
SHA1

2b1b7cb9c254f72ff2bb08bc568f67d48f207953
SHA256

2a1ba880f0cacda99db3eed861bc738a3f8ec6cac2518da431c446851fb4f923
SHA512

34ea5ae957e8b4e67238ccf9446f5407ab6cdc22d5947c5cd1816a4b1cced01add5f992b3527642a4486c2d0f5f817ba7bb3554b4369af99f514e443c91b2e7f

Score

4^/10

Malware Config

Signatures

Drops file in Windows directory 2 IoCs

Processes:

98319733830d33ba8fe64960725fd9dd.exe

description	ioc	process
File created	C:\Windows\Tasks\corolina17.job	98319733830d33ba8fe64960725fd9dd.exe
File opened for modification	C:\Windows\Tasks\corolina17.job	98319733830d33ba8fe64960725fd9dd.exe

Suspicious behavior: EnumeratesProcesses 2 IoCs

Processes:

98319733830d33ba8fe64960725fd9dd.exe

pid process

2656 98319733830d33ba8fe64960725fd9dd.exe
2656 98319733830d33ba8fe64960725fd9dd.exe

C:\Users\Admin\AppData\Local\Temp\98319733830d33ba8fe64960725fd9dd.exe
"C:\Users\Admin\AppData\Local\Temp\98319733830d33ba8fe64960725fd9dd.exe"
1⤵
- Drops file in Windows directory
- Suspicious behavior: EnumeratesProcesses
PID:2656

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...