Analysis
-
max time kernel
34s -
max time network
41s -
platform
windows7_x64 -
resource
win7-20220812-en -
resource tags
-
submitted
29/10/2022, 21:45
General
-
Target
f28d1efca1663ed51268c11bbd89d88359881452d9786efd3aa074c740f54eea.exe
-
Size
77KB
-
MD5
84ae05037afa95a1d3ab3578773a3a2f
-
SHA1
07e1e542ac8d321ea884bc903ca4a3c4d34fc3b7
-
SHA256
f28d1efca1663ed51268c11bbd89d88359881452d9786efd3aa074c740f54eea
-
SHA512
1d18f5d5fbc304128c9d9666841680e93e5ff3815235f4daa7d4c67a014b2b6401788e3eb22f0dc8127eecc779b9f3aef52d090632e77371488a4ad0c69ced99
-
SSDEEP
768:0SSF1+MEBnMg5J3OB1SSfTXHLfA0RY5NhCP9mu2I:YH+ZZIVr7YrYku7
Score
7/10
Malware Config
Signatures
-
Deletes itself 1 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\f28d1efca1663ed51268c11bbd89d88359881452d9786efd3aa074c740f54eea.exe"C:\Users\Admin\AppData\Local\Temp\f28d1efca1663ed51268c11bbd89d88359881452d9786efd3aa074c740f54eea.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Windows\SysWOW64\cmd.execmd /c C:\Users\Admin\AppData\Local\Temp\b.bat "C:\Users\Admin\AppData\Local\Temp\f28d1efca1663ed51268c11bbd89d88359881452d9786efd3aa074c740f54eea.exe"2⤵
- Deletes itself
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
57B
MD5fe65bfb88feca5d19f3b8ae10c701f5d
SHA1b19002b7de57d4a9fcc589c85a3b89e401e83552
SHA256dba301be6859924751f4ae249d9fd8930ddfba235b52ccf4848d5c29479bbc75
SHA512252efbf415dd46053e857c2280f9fb401e2b2ec6c400ab543ed11d82c987850d77de1ceeda366f72fe059e49826dfc74f5bb7f6b2a7ed3a9eab77643b5cb003d