Analysis
- max time kernel: 151s
- max time network: 154s
- platform: windows10-2004_x64
- resource: win10v2004-20220812-en
- resource tags: arch:x64, arch:x86, image:win10v2004-20220812-en, locale:en-us, os:windows10-2004-x64, system
- submitted: 29-11-2022 10:35
Behavioral task: behavioral1
- Sample: 1a2f341a16b9353999d7df568c6234c4cebeff1fdb18630d0296ac06c14d532e.exe
- Resource: win7-20220812-en
Behavioral task: behavioral2
- Sample: 1a2f341a16b9353999d7df568c6234c4cebeff1fdb18630d0296ac06c14d532e.exe
- Resource: win10v2004-20220812-en
General
- Target: 1a2f341a16b9353999d7df568c6234c4cebeff1fdb18630d0296ac06c14d532e.exe
- Size: 250KB
- MD5: 1be1f0583b8ef269212847d1bd436af0
- SHA1: 29b4e0b06b2e0d65d0bc9c88cc1dc05c60bbe210
- SHA256: 1a2f341a16b9353999d7df568c6234c4cebeff1fdb18630d0296ac06c14d532e
- SHA512: a48b2b23b403f9a70495df98006f489336279e88b01b9a04eca39d5c38445ae536671cb2d3626a6363db2b724bb2c774bf44ffeabd30d90270071f11227ff175
- SSDEEP: 6144:/fBSZRy4p2/TrNv3T6n/ZxWxUajqFXuQQs6:/fi32brNv3mn/mPjm+Zh
Malware Config
Signatures
- Loads dropped DLL (1 IoCs)
  Processes:
  1a2f341a16b9353999d7df568c6234c4cebeff1fdb18630d0296ac06c14d532e.exe
  pid process
  544 1a2f341a16b9353999d7df568c6234c4cebeff1fdb18630d0296ac06c14d532e.exe
- Suspicious behavior: EnumeratesProcesses (2 IoCs)
  Processes:
  1a2f341a16b9353999d7df568c6234c4cebeff1fdb18630d0296ac06c14d532e.exe
  pid process
  544 1a2f341a16b9353999d7df568c6234c4cebeff1fdb18630d0296ac06c14d532e.exe
  544 1a2f341a16b9353999d7df568c6234c4cebeff1fdb18630d0296ac06c14d532e.exe
Processes
Network
MITRE ATT&CK Matrix
Downloads
- C:\Users\Admin\AppData\Local\Temp\007d7e2d-65b4-4886-adaf-4f9c061caf7d\AgileDotNetRT.dll
  Filesize: 120KB
  MD5: 684739fc9301c31f34156ee56768cf87
  SHA1: ccd6eafdd055dd327774209b86b3da62e27d8237
  SHA256: 38f0b0b7ac812c3f2c2c26109bbc5383e6d035b2a7d6ebaae52002ec3a14b782
  SHA512: f06481a4d0d712d58c1e0b200e2c2e5ef95e394dbceb5ef6d71d1e33d9d945aa2632805c0e7198b2fce3b58014b94efb95b144815939a2a65f757cb8ca24aecd
- memory/544-132-0x0000000074C60000-0x0000000075211000-memory.dmp
  Filesize: 5.7MB
- memory/544-134-0x0000000073980000-0x00000000739DB000-memory.dmp
  Filesize: 364KB
- memory/544-135-0x0000000073160000-0x0000000073192000-memory.dmp
  Filesize: 200KB
- memory/544-136-0x0000000074C60000-0x0000000075211000-memory.dmp
  Filesize: 5.7MB
- memory/544-137-0x0000000073160000-0x0000000073192000-memory.dmp
  Filesize: 200KB
- memory/544-138-0x0000000074C60000-0x0000000075211000-memory.dmp
  Filesize: 5.7MB