Analysis

  • max time kernel
    107s
  • max time network
    157s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-en-20220112
  • submitted
    10/03/2022, 01:18

General

  • Target

    7171c9736984feb383e2db8153cec96b9af1c4cdd37e953ceb43a16b7c235137.exe

  • Size

    521KB

  • MD5

    bee7464a4a2158057dc9d750188c8149

  • SHA1

    e0b9118d8f18939a7be0a6a4c436e9b9465ab3a3

  • SHA256

    7171c9736984feb383e2db8153cec96b9af1c4cdd37e953ceb43a16b7c235137

  • SHA512

    952aea8509d9540baa95d1c4f4237f5eee83fd06defea2c0638df3fcb2200fa490ccd64bdd207b64d5af3e8aba979ad5f5ce08412f0580f1c8793802de489fa6

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 5 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\7171c9736984feb383e2db8153cec96b9af1c4cdd37e953ceb43a16b7c235137.exe
    "C:\Users\Admin\AppData\Local\Temp\7171c9736984feb383e2db8153cec96b9af1c4cdd37e953ceb43a16b7c235137.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:3148
    • C:\Windows\SysWOW64\fondue.exe
      "C:\Windows\system32\fondue.exe" /enable-feature:NetFx3 /caller-name:mscoreei.dll
      2⤵
      • Suspicious use of WriteProcessMemory
      PID:3676
      • C:\Windows\system32\FonDUE.EXE
        "C:\Windows\sysnative\FonDUE.EXE" /enable-feature:NetFx3 /caller-name:mscoreei.dll
        3⤵
          PID:1216

    Network

          MITRE ATT&CK Matrix

          Replay Monitor

          Loading Replay Monitor...

          Downloads