Analysis

  • max time kernel
    183s
  • max time network
    184s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220812-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system
  • submitted
    29-10-2022 10:52

General

  • Target

    aa2012b5ff1086366f6daff33b634516680093b633187910675565e889b1ccb2.exe

  • Size

    352KB

  • MD5

    863b0845fafa79af965ef4bdfddadfef

  • SHA1

    9362f0465ad37e597bb0434b52644a57c488005a

  • SHA256

    aa2012b5ff1086366f6daff33b634516680093b633187910675565e889b1ccb2

  • SHA512

    ef751b0c0ea1e3e6d7fd4e32d31fba950e7ec0d4dc0662b3426e90b7b5a4d6bd2eb8afa7e3f73fe0f6503d4457fd5bae49d5926ed26963e60d10e91ebc4bbb71

  • SSDEEP

    6144:/gfAXtImXAUS7/3NYzwF7/b8/mM2kwZ1ue35re0e84lt0g:1+m1A3NhFqUp5re3LKg

Score
4/10

Malware Config

Signatures

  • Drops file in Program Files directory 1 IoCs
  • Suspicious use of WriteProcessMemory 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\aa2012b5ff1086366f6daff33b634516680093b633187910675565e889b1ccb2.exe
    "C:\Users\Admin\AppData\Local\Temp\aa2012b5ff1086366f6daff33b634516680093b633187910675565e889b1ccb2.exe"
    1⤵
    • Drops file in Program Files directory
    • Suspicious use of WriteProcessMemory
    PID:512
    • C:\program files\internet explorer\IEXPLORE.EXE
      "C:\program files\internet explorer\IEXPLORE.EXE"
      2⤵
        PID:952

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads