Analysis
-
max time kernel
188s -
max time network
196s -
platform
windows10-2004_x64 -
resource
win10v2004-20221111-en -
resource tags
-
submitted
23/11/2022, 23:27
General
-
Target
de5a79944a40b4cbe2d9f1cea16671d5fd27629a35daa53fbe2fe5423b052f4b.exe
-
Size
84KB
-
MD5
373749d7ad081f9b72ebbeb3243220c7
-
SHA1
678fc7cb743ddc2bcf2334bc5f81d6ae5792f061
-
SHA256
de5a79944a40b4cbe2d9f1cea16671d5fd27629a35daa53fbe2fe5423b052f4b
-
SHA512
a9d5ee85d5a25bc0a1be09e312758a2f62dc135cf8f9d2e4b2520e2cfc4c4460a50316cd99b40a84884abf6a235ae9fa1f461203c69be1a22039678abc2df26b
-
SSDEEP
1536:qwm8nBjqs32bxPpBRy32Z6gJlyiKqVo6EU5:5m8nBjTmbxRBRN6WYiKqVo6Z5
Score
4/10
Malware Config
Signatures
-
Drops file in Windows directory 4 IoCs
-
Suspicious behavior: EnumeratesProcesses 2 IoCs
-
Suspicious use of WriteProcessMemory 1 IoCs
Processes
-
C:\Windows\Explorer.EXEC:\Windows\Explorer.EXE1⤵
-
C:\Users\Admin\AppData\Local\Temp\de5a79944a40b4cbe2d9f1cea16671d5fd27629a35daa53fbe2fe5423b052f4b.exe"C:\Users\Admin\AppData\Local\Temp\de5a79944a40b4cbe2d9f1cea16671d5fd27629a35daa53fbe2fe5423b052f4b.exe"2⤵
- Drops file in Windows directory
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of WriteProcessMemory
-