Resubmissions
09-05-2023 19:22
230509-x3fn4adg58 1009-05-2023 19:14
230509-xxsrgaff7x 1009-05-2023 19:14
230509-xxr5yadg42 709-05-2023 19:14
230509-xxrt6sff7w 809-05-2023 19:14
230509-xxrjeaff7v 809-05-2023 19:14
230509-xxqxwadg39 709-05-2023 19:14
230509-xxql4sff7t 1009-05-2023 19:14
230509-xxqbcadg38 709-05-2023 19:10
230509-xvl6xadf64 10Analysis
-
max time kernel
162s -
max time network
419s -
platform
windows10-2004_x64 -
resource
win10v2004-20230220-en -
resource tags
-
submitted
09-05-2023 19:14
General
-
Target
trojan-leaks-main/skidded/Murderer.exe
-
Size
21.9MB
-
MD5
8a27182879ba66cf5d07940b16bbb5a0
-
SHA1
0242ca81d92cd4ece24bc0f558a269f0baeaa8e2
-
SHA256
887889b8c147adec683a3d5dfa36bae2693b438b27b9b623aea7f16522174e3b
-
SHA512
7d68b338f20610b20e4f72104ae0d5b1abdc82821c606e03e8b2ae307b13ed010acef8eeba4cb1b5eda61ad324b4ff28a84870cc6901bc328ee519e4646432fe
-
SSDEEP
393216:WMT+rfHZlgMMH2RhoAZbBQbCVC9woa4KVbh6wHW8ALe4Lfj16ouWcXD:WZZaMi2R7BQbCVC9wioswHW8AvLZ6ouf
Malware Config
Signatures
-
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).
-
Suspicious use of WriteProcessMemory 2 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\trojan-leaks-main\skidded\Murderer.exe"C:\Users\Admin\AppData\Local\Temp\trojan-leaks-main\skidded\Murderer.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Windows\system32\cmd.exe"C:\Windows\sysnative\cmd" /c "C:\Users\Admin\AppData\Local\Temp\91DC.tmp\91DD.tmp\91DE.bat C:\Users\Admin\AppData\Local\Temp\trojan-leaks-main\skidded\Murderer.exe"2⤵
-
Network
MITRE ATT&CK Enterprise v6
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
619B
MD544148f40b305d441d7d685e42cab976c
SHA1de1767b8a6361650932a8c3972cd0fb6fd15416b
SHA256354bcbc57c1e31d2003d80e6c1746a5de844e1b31df9c8b1607ecdeaec18b6f2
SHA5128d2ce47b972724bacb59e5f65d694d2fe8c64a91df1905e16044b2084e5be6c366bb3fdcffb862ffb21acb01dddf9a53c3fbdb37837aeb70c39f70856c67bee7