Analysis
-
max time kernel
140s -
max time network
155s -
platform
windows10-2004_x64 -
resource
win10v2004-en-20220113 -
submitted
26-03-2022 14:35
General
-
Target
ead61d932684264a2ad44fbe097c7ad8639230c5dccb6db32a70610fbb936bb2.exe
-
Size
935KB
-
MD5
310f175ef3484c2af64ec1582bbb6e8a
-
SHA1
9d8ad43605282a2fd58bd5f81891855b6d77ce1a
-
SHA256
ead61d932684264a2ad44fbe097c7ad8639230c5dccb6db32a70610fbb936bb2
-
SHA512
ce540df42c9fac4e6f2269781f3705e368c1fd807603e7e52303e437cbe691f5450518124e75ee3852173e63b01e3fd80cac595ee57fadd74436cc544e1587de
Score
8/10
Malware Config
Signatures
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\ead61d932684264a2ad44fbe097c7ad8639230c5dccb6db32a70610fbb936bb2.exe"C:\Users\Admin\AppData\Local\Temp\ead61d932684264a2ad44fbe097c7ad8639230c5dccb6db32a70610fbb936bb2.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\is-VGOOR.tmp\ead61d932684264a2ad44fbe097c7ad8639230c5dccb6db32a70610fbb936bb2.tmp"C:\Users\Admin\AppData\Local\Temp\is-VGOOR.tmp\ead61d932684264a2ad44fbe097c7ad8639230c5dccb6db32a70610fbb936bb2.tmp" /SL5="$6006A,703914,121344,C:\Users\Admin\AppData\Local\Temp\ead61d932684264a2ad44fbe097c7ad8639230c5dccb6db32a70610fbb936bb2.exe"2⤵
- Executes dropped EXE
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
C:\Users\Admin\AppData\Local\Temp\is-VGOOR.tmp\ead61d932684264a2ad44fbe097c7ad8639230c5dccb6db32a70610fbb936bb2.tmpFilesize
764KB
MD51e9d5ac6275b5f89d66f491e671d5e0b
SHA1bf1bc56d35f0464364037687c6f1674af05c1246
SHA2566c0057363fd6c9d7be8370b1319457b877f9d4321fb458ee15fee5556f92eb87
SHA51273f40d88d81f0e8876d6cd8653176f9dd5e5db9b41c08c8c4cfb7ac42d48ecdcdf5cd332d5e16a75beaeb34599fd09b03390a8e18d4de8aac802cb8586c23783
-
memory/2796-130-0x0000000000400000-0x0000000000425000-memory.dmpFilesize
148KB
-
memory/2796-132-0x0000000000400000-0x0000000000425000-memory.dmpFilesize
148KB
-
memory/3360-133-0x0000000000000000-mapping.dmp