Analysis

  • max time kernel
    101s
  • max time network
    173s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-en-20220112
  • submitted
    22/02/2022, 20:55

General

  • Target

    0b34a3b62a081aaf79b21e11c99e19cae47b59effa40361fb39d195997e92bc6.exe

  • Size

    520KB

  • MD5

    d88af359378d2afd51635420f0b1d817

  • SHA1

    1ae351776af8c551d9d5b4a905ead037b354dda9

  • SHA256

    0b34a3b62a081aaf79b21e11c99e19cae47b59effa40361fb39d195997e92bc6

  • SHA512

    76179ddf5700fe4827181f03e06ba3e135a5af42c1662f3c5fc43dbe6d5653ce5b031ee14fee02b16165d9b40f84da527941353e8be5ae7336a300c73f5fcdb4

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 5 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\0b34a3b62a081aaf79b21e11c99e19cae47b59effa40361fb39d195997e92bc6.exe
    "C:\Users\Admin\AppData\Local\Temp\0b34a3b62a081aaf79b21e11c99e19cae47b59effa40361fb39d195997e92bc6.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1784
    • C:\Windows\SysWOW64\fondue.exe
      "C:\Windows\system32\fondue.exe" /enable-feature:NetFx3 /caller-name:mscoreei.dll
      2⤵
      • Suspicious use of WriteProcessMemory
      PID:3496
      • C:\Windows\system32\FonDUE.EXE
        "C:\Windows\sysnative\FonDUE.EXE" /enable-feature:NetFx3 /caller-name:mscoreei.dll
        3⤵
          PID:1416

Network

MITRE ATT&CK Matrix