Analysis
-
max time kernel
95s -
max time network
131s -
platform
windows10-2004_x64 -
resource
win10v2004-20220812-en -
resource tags
-
submitted
27-09-2022 13:16
General
-
Target
Skype-8.88.0.401.exe
-
Size
84.6MB
-
MD5
a354d5d832f5a63c996be3ba24f3793c
-
SHA1
0eeabbd3654bcb95615ede909eca7f1d8cb1465e
-
SHA256
bd4ed965fbab660df571953482137e91a5af1a23c8a471b583d87e65266f64b2
-
SHA512
f745d04cae393227b344c4fe4ba1d9bdc36058527c1621fd38d19ccc6bdeb15dd4251e66e6db9a88ec41dd59ddf3de357920e58980ca089119416d92c9fc90fc
-
SSDEEP
1572864:KuEsMZ2eMCgMHNRZzU9P9X6TalSU3OTW+CnamF+U4wYVcnywmh0yyHXFK9auqj:KeM0MNQ6Ty3a3CT+amdwq0yyHXFoqj
Score
8/10
Malware Config
Signatures
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\Skype-8.88.0.401.exe"C:\Users\Admin\AppData\Local\Temp\Skype-8.88.0.401.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\is-UNCS5.tmp\Skype-8.88.0.401.tmp"C:\Users\Admin\AppData\Local\Temp\is-UNCS5.tmp\Skype-8.88.0.401.tmp" /SL5="$701F8,88056815,404480,C:\Users\Admin\AppData\Local\Temp\Skype-8.88.0.401.exe"2⤵
- Executes dropped EXE
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
C:\Users\Admin\AppData\Local\Temp\is-UNCS5.tmp\Skype-8.88.0.401.tmpFilesize
1.4MB
MD542d7f6491cb9a07c4e25cac42a3b395b
SHA175b5c00ab9277bbe578502bfbef743e7c04564c1
SHA256f58a9f68802fbc1cacdb07cc357136fb217ad47897355dac962a1e239fe9591d
SHA512f9df478b4d2076a1ea2b09f711afb7425d0b9ea57c06d90749ca20ec9c4c110720061b62d9fff047d69e7214deb239673be3b33df77742bc64fbfce2014f3750
-
memory/3444-132-0x0000000000400000-0x000000000046D000-memory.dmpFilesize
436KB
-
memory/3444-136-0x0000000000400000-0x000000000046D000-memory.dmpFilesize
436KB
-
memory/3444-137-0x0000000000400000-0x000000000046D000-memory.dmpFilesize
436KB
-
memory/4548-134-0x0000000000000000-mapping.dmp