Overview

overview

10

Static

static

1

ReduceMemory.exe

windows7-x64

3

ReduceMemory.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    ReduceMemory.exe

  • Size

    776KB

  • Sample

    230214-rceffsdc6x

  • MD5

    0d626331715cc35aa377a8503f85c92a

  • SHA1

    26aad89595f00068151d3676297ceec394e718af

  • SHA256

    3e541100c869dba06ee62252a9661e5a06c2e685a7ddd5288ea1358703412385

  • SHA512

    6dcdc39672dd00873c55753ba02ad05dc61ef028a4de385d5af38f30c4959342ac25f0ae936a19fb29100a49ab379f16f5288578434e1aea83b03e596d999996

  • SSDEEP

    12288:UaWzgMg7v3qnCiHErQohh0F4aCJ8lny7QSpJJ9vZ+dAy2s:LaHMv6C7rjCny7QQx+Is

Score
10/10

Malware Config

Targets

    • Target

      ReduceMemory.exe

    • Size

      776KB

    • MD5

      0d626331715cc35aa377a8503f85c92a

    • SHA1

      26aad89595f00068151d3676297ceec394e718af

    • SHA256

      3e541100c869dba06ee62252a9661e5a06c2e685a7ddd5288ea1358703412385

    • SHA512

      6dcdc39672dd00873c55753ba02ad05dc61ef028a4de385d5af38f30c4959342ac25f0ae936a19fb29100a49ab379f16f5288578434e1aea83b03e596d999996

    • SSDEEP

      12288:UaWzgMg7v3qnCiHErQohh0F4aCJ8lny7QSpJJ9vZ+dAy2s:LaHMv6C7rjCny7QQx+Is

    Score
    10/10

    • Suspicious use of NtCreateUserProcessOtherParentProcess

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks