81061ca8835f361cb6554ce48c1dac634e40486b3d9b36dc00448f40dc0a9a7c | Triage

Analysis

max time kernel
1s
max time network
4s
platform
windows10-2004_x64
resource
win10v2004-20230221-en
resource tags

arch:x64arch:x86image:win10v2004-20230221-enlocale:en-usos:windows10-2004-x64system
submitted
19-05-2023 11:21

Sharing

Report Analysis Logs

General

Target

tmp.exe
Size

7.3MB
MD5

d3bf474de7039be1758918653d179d54
SHA1

49b3c66dd93ba512e3dc423339d77a15b79efc05
SHA256

81061ca8835f361cb6554ce48c1dac634e40486b3d9b36dc00448f40dc0a9a7c
SHA512

8ba871edf781bd3ea6f27dc43e5a783b6475874d34438a364d80d9dfcda1faa8271a3e15d22de2159354fca0bafff7e4ce9443210cfce83fb254b528e688ee00
SSDEEP

196608:EiNibKiPyg8KD0fJHPcgAL9fvbmEB5Rxg0nb:EiwPp0xHPahvbbrb

Score

8^/10

Malware Config

Signatures

Drops file in Drivers directory 4 IoCs

Processes:

tmp.exe

description	ioc	process
File created	C:\Windows\SysWOW64\drivers\zBhGpQxB.dll	tmp.exe
File opened for modification	C:\Windows\System32\drivers\zBhGpQxB.dll	tmp.exe
File created	C:\Windows\SysWOW64\drivers\wFmJqBjM.dll	tmp.exe
File opened for modification	C:\Windows\SysWOW64\drivers\wFmJqBjM.dll	tmp.exe

C:\Users\Admin\AppData\Local\Temp\tmp.exe
"C:\Users\Admin\AppData\Local\Temp\tmp.exe"
1⤵
- Drops file in Drivers directory
PID:4936

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads