Analysis

  • max time kernel
    139s
  • max time network
    151s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220414-en
  • submitted
    04-06-2022 02:10

General

  • Target

    119c3521356bde66ed4de31c42a556c9f4e5460109c727d892d135ae520860b9.exe

  • Size

    27KB

  • MD5

    09500e1ea7c6392c4e956a0afd9f30f9

  • SHA1

    e9eb6ee535d09f049abb754db0071bed91599baf

  • SHA256

    119c3521356bde66ed4de31c42a556c9f4e5460109c727d892d135ae520860b9

  • SHA512

    b134046fd11a2b4a7c266015ffd94c84521a085990ef6c78909f5618823c4160e50adb05690b9350b9e38c0a1df7396c19359a8bb38950bc034b52ba2e2d6004

Score
6/10

Malware Config

Signatures

  • Adds Run key to start application 2 TTPs 2 IoCs
  • Suspicious use of FindShellTrayWindow 3 IoCs
  • Suspicious use of SendNotifyMessage 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\119c3521356bde66ed4de31c42a556c9f4e5460109c727d892d135ae520860b9.exe
    "C:\Users\Admin\AppData\Local\Temp\119c3521356bde66ed4de31c42a556c9f4e5460109c727d892d135ae520860b9.exe"
    1⤵
    • Adds Run key to start application
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    PID:4304

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/4304-130-0x0000000000400000-0x000000000040A000-memory.dmp

    Filesize

    40KB

  • memory/4304-131-0x0000000000400000-0x000000000040A000-memory.dmp

    Filesize

    40KB