Analysis
-
max time kernel
143s -
max time network
129s -
platform
windows10-2004_x64 -
resource
win10v2004-20230220-en -
resource tags
-
submitted
13-03-2023 23:54
General
-
Target
itubego_pd.exe
-
Size
86.6MB
-
MD5
0dd0028e7f7ae8a2d2e191a9eea8140e
-
SHA1
3c5b77216120d24333a0600f9b08cafc4770b5ca
-
SHA256
3f9182e10ec211dcbec310ff12e05388f87fdfd9213b3b723d4eb888fd796847
-
SHA512
7b5d9144c5e75d9c72a879e7f721aeef433523b8573fd2a47ada0d3a7c2339bccd05a5b67e9f389438d584814758a551757eaea2c50fc2135f0ed07a0f42822d
-
SSDEEP
1572864:L1pKJ/QCCXwsYssykS2D+WutvgdQUc3mKen9f+97ZAD5TcBJJHYJjy3bzv8T:LDKJYCCXwsfsykS0GSc3mxfouc/JKQzI
Score
7/10
Malware Config
Signatures
-
Executes dropped EXE 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\itubego_pd.exe"C:\Users\Admin\AppData\Local\Temp\itubego_pd.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Users\Admin\AppData\Local\Temp\is-ANIKR.tmp\itubego_pd.tmp"C:\Users\Admin\AppData\Local\Temp\is-ANIKR.tmp\itubego_pd.tmp" /SL5="$A01C0,89968061,733696,C:\Users\Admin\AppData\Local\Temp\itubego_pd.exe"2⤵
- Executes dropped EXE
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
C:\Users\Admin\AppData\Local\Temp\is-ANIKR.tmp\itubego_pd.tmpFilesize
2.4MB
MD547bb561a0504895bf52056b2f8f1e15e
SHA1423e45d22a832ff6c8294fc8f9e4aed663333920
SHA256c97b4256642f8e53001dfd069da54899693c91a5f60bd9adb480d5148a4ba637
SHA5125e54476da418a3b48c47f716379091e5e9357a31592dd09589f85f936334af71c8137044ecb8429bd6e1d6662075fd085f4adcd1fb8a4cd3fd4762caf7e4fe51
-
memory/1320-133-0x0000000000400000-0x00000000004C1000-memory.dmpFilesize
772KB
-
memory/1320-140-0x0000000000400000-0x00000000004C1000-memory.dmpFilesize
772KB
-
memory/3864-138-0x0000000000880000-0x0000000000881000-memory.dmpFilesize
4KB
-
memory/3864-141-0x0000000000400000-0x000000000067C000-memory.dmpFilesize
2.5MB
-
memory/3864-142-0x0000000000880000-0x0000000000881000-memory.dmpFilesize
4KB