Analysis
-
max time kernel
94s -
max time network
92s -
platform
windows10-2004_x64 -
resource
win10v2004-20220722-en -
resource tags
-
submitted
25-07-2022 23:11
General
-
Target
s3browser-10-3-1.exe
-
Size
5.4MB
-
MD5
a80429d570de461572b85a371edd6c9b
-
SHA1
4372672a614a7c2ef26971f79c4e1daf357f5903
-
SHA256
0b813e6f4d5cc9d2898fd9045f577d0f5e750dd960408abf3894b447033143e2
-
SHA512
f38b02515a22b0aa9262c96b20dd8c70cc212699856b32dd018f8cb4f44e6ab0fb46a147e428f0c1374f6f8a908f787df9c553250b87ded552d92722cacbdf0a
Score
8/10
Malware Config
Signatures
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\s3browser-10-3-1.exe"C:\Users\Admin\AppData\Local\Temp\s3browser-10-3-1.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\is-0S5BS.tmp\s3browser-10-3-1.tmp"C:\Users\Admin\AppData\Local\Temp\is-0S5BS.tmp\s3browser-10-3-1.tmp" /SL5="$C007A,4787185,831488,C:\Users\Admin\AppData\Local\Temp\s3browser-10-3-1.exe"2⤵
- Executes dropped EXE
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
C:\Users\Admin\AppData\Local\Temp\is-0S5BS.tmp\s3browser-10-3-1.tmpFilesize
3.0MB
MD5a73b51c3bee773b0db64dfa52432fcc0
SHA1d2d12a4b37156873e02e9981d9c9e45a8916ed6e
SHA25675bff91d9b19195c5e1b528e7e117c2060d2ffd83f27464a1e6f54036181d676
SHA512aaad6011b9ab3c92d9bbf9194eff664c00ea17fcbb25b60579c210f8aaa0cfd3f0b8158cf5a25ebccf97f9b615d0f291f450ec450e3539ca2046acf849070c32
-
memory/4388-135-0x0000000000000000-mapping.dmp
-
memory/4912-132-0x0000000000400000-0x00000000004D8000-memory.dmpFilesize
864KB
-
memory/4912-134-0x0000000000400000-0x00000000004D8000-memory.dmpFilesize
864KB
-
memory/4912-137-0x0000000000400000-0x00000000004D8000-memory.dmpFilesize
864KB