Analysis

  • max time kernel
    134s
  • max time network
    146s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-en-20220113
  • submitted
    10/03/2022, 01:12

General

  • Target

    71de05a6489374d3454f66de31e2f720f4e199d57caec38ea01a01bde3591a31.exe

  • Size

    520KB

  • MD5

    ad6d2ef1e0cc7def5c5c7effa3bf948a

  • SHA1

    217d95930dc50619b2f734a7757cbc37fe575fcf

  • SHA256

    71de05a6489374d3454f66de31e2f720f4e199d57caec38ea01a01bde3591a31

  • SHA512

    4878db553bfa0430e80c9890807f99ff7400f9af3c54a51af13a3332fe758c1ec446608dfe6710b76253357b8cee78853823e1e70495ed1256813f43908ab452

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 5 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\71de05a6489374d3454f66de31e2f720f4e199d57caec38ea01a01bde3591a31.exe
    "C:\Users\Admin\AppData\Local\Temp\71de05a6489374d3454f66de31e2f720f4e199d57caec38ea01a01bde3591a31.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1456
    • C:\Windows\SysWOW64\fondue.exe
      "C:\Windows\system32\fondue.exe" /enable-feature:NetFx3 /caller-name:mscoreei.dll
      2⤵
      • Suspicious use of WriteProcessMemory
      PID:1656
      • C:\Windows\system32\FonDUE.EXE
        "C:\Windows\sysnative\FonDUE.EXE" /enable-feature:NetFx3 /caller-name:mscoreei.dll
        3⤵
          PID:2144

    Network

          MITRE ATT&CK Matrix

          Replay Monitor

          Loading Replay Monitor...

          Downloads