Analysis
-
max time kernel
90s -
max time network
139s -
platform
windows10-2004_x64 -
resource
win10v2004-20220901-en -
resource tags
-
submitted
23-11-2022 09:31
General
-
Target
d6b6ecb405d9113b224fd07af9b59b746388fe7d21d359ff164943580612af59.exe
-
Size
1.3MB
-
MD5
08bd780e8948ce1e49639ad4796acb5a
-
SHA1
8850ad6c6f0e25b84592b5a713d258a151a77c10
-
SHA256
d6b6ecb405d9113b224fd07af9b59b746388fe7d21d359ff164943580612af59
-
SHA512
12e1a20a10dc48258efac12254ae6547e6260d92498c85ea61268e900bbef59602a596552c40a65674f0fb35c28e64ec0680e72794e461e9db796b0323ecdafa
-
SSDEEP
24576:zrKqlGCPcJKwybUDwEZZODYmR9G+gnbkk6XRJfe3DqYO/KpLwFfngWX4VmJPak:zrKo4ZwCOnYjVmJPa
Score
5/10
Malware Config
Signatures
-
Suspicious use of SetThreadContext 1 IoCs
-
Suspicious use of SetWindowsHookEx 5 IoCs
-
Suspicious use of WriteProcessMemory 10 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\d6b6ecb405d9113b224fd07af9b59b746388fe7d21d359ff164943580612af59.exe"C:\Users\Admin\AppData\Local\Temp\d6b6ecb405d9113b224fd07af9b59b746388fe7d21d359ff164943580612af59.exe"1⤵
- Suspicious use of SetThreadContext
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\d6b6ecb405d9113b224fd07af9b59b746388fe7d21d359ff164943580612af59.exe2⤵
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
memory/368-132-0x0000000000000000-mapping.dmp
-
memory/368-133-0x0000000000400000-0x00000000004D9000-memory.dmpFilesize
868KB
-
memory/368-134-0x0000000000400000-0x00000000004D9000-memory.dmpFilesize
868KB
-
memory/368-135-0x0000000000400000-0x00000000004D9000-memory.dmpFilesize
868KB
-
memory/368-136-0x0000000000400000-0x00000000004D9000-memory.dmpFilesize
868KB
-
memory/368-137-0x0000000000400000-0x00000000004D9000-memory.dmpFilesize
868KB