203d5180094186f6c16a599e06388d6b5a09f922f17fc8346124db9ecf26ea80 | Triage

Analysis

max time kernel
104s
max time network
139s
platform
windows10-2004_x64
resource
win10v2004-20220414-en
submitted
02-06-2022 18:29

Sharing

Report Analysis Logs

General

Target

1600-63-0x0000000000400000-0x000000000042F000-memory.exe
Size

188KB
MD5

8a4076bb02567c6dca42ef9338c41dc8
SHA1

1a56b3184458619ef9a551b09469db89fa2aee11
SHA256

203d5180094186f6c16a599e06388d6b5a09f922f17fc8346124db9ecf26ea80
SHA512

62b0a212cb4855b3ff3f6e2137e725bd7e7cb9aa7f209dc1ac149baffde27e99b28cf745966b3150e56e44d03f53f9a3ef790b22997ceb19a5e163253a567ef0

Score

1^/10

Malware Config

Signatures

Suspicious behavior: EnumeratesProcesses 2 IoCs

Processes:

1600-63-0x0000000000400000-0x000000000042F000-memory.exe

pid process

1228 1600-63-0x0000000000400000-0x000000000042F000-memory.exe
1228 1600-63-0x0000000000400000-0x000000000042F000-memory.exe

C:\Users\Admin\AppData\Local\Temp\1600-63-0x0000000000400000-0x000000000042F000-memory.exe
"C:\Users\Admin\AppData\Local\Temp\1600-63-0x0000000000400000-0x000000000042F000-memory.exe"
1⤵
- Suspicious behavior: EnumeratesProcesses
PID:1228

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1228-130-0x0000000000B60000-0x0000000000EAA000-memory.dmp

Filesize
3.3MB

Download