1760a29996e422caea60896e6d837c744a96b68833c8c43b49fd1240eb0f020c

Analysis

max time kernel
2s
max time network
7s
platform
windows10-2004_x64
resource
win10v2004-20230220-en
resource tags

arch:x64arch:x86image:win10v2004-20230220-enlocale:en-usos:windows10-2004-x64system
submitted
10-06-2023 08:45

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

04951399.exe
Size

236KB
MD5

3b31e1b1438dde669184cf4367574698
SHA1

921440b4d557b9ffbafe5dda125f812a6df24fa2
SHA256

1760a29996e422caea60896e6d837c744a96b68833c8c43b49fd1240eb0f020c
SHA512

6ceba01e021fe47662b6e11e3ecf5a3485b88bb1e9045fd8d16842b0beaaa11eaedc231fe1fff4a40315e4fd22588416cc5650835b09129d4bb0dfef576e7885
SSDEEP

6144:FBlkZvaF4NTBLKHUieoro5APaKxbt303s38Qii:FoSWNT1KHIocAPZtk3ssQii

Score

1^/10

Malware Config

Signatures

Kills process with taskkill 2 IoCs

evasion

pid	Process
4028	taskkill.exe
404	taskkill.exe

Suspicious use of AdjustPrivilegeToken 1 IoCs

description	pid	Process
Token: SeDebugPrivilege	4028	taskkill.exe

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 4320 wrote to memory of 5036	4320	04951399.exe	85
PID 4320 wrote to memory of 5036	4320	04951399.exe	85
PID 5036 wrote to memory of 4028	5036	cmd.exe	86
PID 5036 wrote to memory of 4028	5036	cmd.exe	86

C:\Users\Admin\AppData\Local\Temp\04951399.exe
"C:\Users\Admin\AppData\Local\Temp\04951399.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:4320
- C:\Windows\system32\cmd.exe
  "C:\Windows\sysnative\cmd" /c "C:\Users\Admin\AppData\Local\Temp\8215.tmp\8216.tmp\8217.bat C:\Users\Admin\AppData\Local\Temp\04951399.exe"
  2⤵
  - Suspicious use of WriteProcessMemory
  PID:5036
- - C:\Windows\system32\taskkill.exe
    taskkill /IM explorer.exe /F
    3⤵
    - Kills process with taskkill
    - Suspicious use of AdjustPrivilegeToken
    PID:4028
- - C:\Users\Admin\AppData\Local\Temp\runaway.exe
    runaway.exe
    3⤵
    PID:4796
- - C:\Users\Admin\AppData\Local\Temp\runaway.exe
    runaway.exe
    3⤵
    PID:4552
- - C:\Users\Admin\AppData\Local\Temp\runaway.exe
    runaway.exe
    3⤵
    PID:844
- - C:\Users\Admin\AppData\Local\Temp\runaway.exe
    runaway.exe
    3⤵
    PID:456
- - C:\Users\Admin\AppData\Local\Temp\runaway.exe
    runaway.exe
    3⤵
    PID:656
- - C:\Users\Admin\AppData\Local\Temp\runaway.exe
    runaway.exe
    3⤵
    PID:4920
- - C:\Users\Admin\AppData\Local\Temp\runaway.exe
    runaway.exe
    3⤵
    PID:1404
- - C:\Users\Admin\AppData\Local\Temp\runaway.exe
    runaway.exe
    3⤵
    PID:2312
- - C:\Users\Admin\AppData\Local\Temp\runaway.exe
    runaway.exe
    3⤵
    PID:2540
- - C:\Users\Admin\AppData\Local\Temp\runaway.exe
    runaway.exe
    3⤵
    PID:4608
- - C:\Users\Admin\AppData\Local\Temp\runaway.exe
    runaway.exe
    3⤵
    PID:3952
- - C:\Users\Admin\AppData\Local\Temp\runaway.exe
    runaway.exe
    3⤵
    PID:1324
- - C:\Users\Admin\AppData\Local\Temp\runaway.exe
    runaway.exe
    3⤵
    PID:100
- - C:\Users\Admin\AppData\Local\Temp\runaway.exe
    runaway.exe
    3⤵
    PID:1428
- - C:\Users\Admin\AppData\Local\Temp\runaway.exe
    runaway.exe
    3⤵
    PID:116
- - C:\Users\Admin\AppData\Local\Temp\runaway.exe
    runaway.exe
    3⤵
    PID:220
- - C:\Users\Admin\AppData\Local\Temp\runaway.exe
    runaway.exe
    3⤵
    PID:1408
- - C:\Users\Admin\AppData\Local\Temp\Melting.exe
    Melting.exe
    3⤵
    PID:3916
- - C:\Users\Admin\AppData\Local\Temp\Melting.exe
    Melting.exe
    3⤵
    PID:2656
- - C:\Users\Admin\AppData\Local\Temp\Melting.exe
    Melting.exe
    3⤵
    PID:4012
- - C:\Users\Admin\AppData\Local\Temp\Melting.exe
    Melting.exe
    3⤵
    PID:1584
- - C:\Users\Admin\AppData\Local\Temp\Melting.exe
    Melting.exe
    3⤵
    PID:408
- - C:\Users\Admin\AppData\Local\Temp\Melting.exe
    Melting.exe
    3⤵
    PID:432
- - C:\Users\Admin\AppData\Local\Temp\Melting.exe
    Melting.exe
    3⤵
    PID:1200
- - C:\Users\Admin\AppData\Local\Temp\Melting.exe
    Melting.exe
    3⤵
    PID:3140
- - C:\Users\Admin\AppData\Local\Temp\Melting.exe
    Melting.exe
    3⤵
    PID:4868
- - C:\Users\Admin\AppData\Local\Temp\Melting.exe
    Melting.exe
    3⤵
    PID:3852
- - C:\Users\Admin\AppData\Local\Temp\Melting.exe
    Melting.exe
    3⤵
    PID:3336
- - C:\Users\Admin\AppData\Local\Temp\Melting.exe
    Melting.exe
    3⤵
    PID:4536
- - C:\Users\Admin\AppData\Local\Temp\Melting.exe
    Melting.exe
    3⤵
    PID:1820
- - C:\Users\Admin\AppData\Local\Temp\Melting.exe
    Melting.exe
    3⤵
    PID:3868
- - C:\Users\Admin\AppData\Local\Temp\Melting.exe
    Melting.exe
    3⤵
    PID:2056
- - C:\Users\Admin\AppData\Local\Temp\Melting.exe
    Melting.exe
    3⤵
    PID:3592
- - C:\Users\Admin\AppData\Local\Temp\Melting.exe
    Melting.exe
    3⤵
    PID:3740
- - C:\Users\Admin\AppData\Local\Temp\Melting.exe
    Melting.exe
    3⤵
    PID:964
- - C:\Users\Admin\AppData\Local\Temp\Melting.exe
    Melting.exe
    3⤵
    PID:3972
- - C:\Users\Admin\AppData\Local\Temp\Melting.exe
    Melting.exe
    3⤵
    PID:4916
- - C:\Users\Admin\AppData\Local\Temp\Melting.exe
    Melting.exe
    3⤵
    PID:2704
- - C:\Users\Admin\AppData\Local\Temp\Melting.exe
    Melting.exe
    3⤵
    PID:4544
- - C:\Users\Admin\AppData\Local\Temp\NoHotdog.exe
    NoHotdog.exe
    3⤵
    PID:2444
- - C:\Users\Admin\AppData\Local\Temp\goodbye.exe
    goodbye.exe
    3⤵
    PID:3280
  - - C:\Windows\system32\cmd.exe
      "C:\Windows\system32\cmd" /c "C:\Users\Admin\AppData\Local\Temp\90FA.tmp\90FB.tmp\90FC.bat C:\Users\Admin\AppData\Local\Temp\goodbye.exe"
      4⤵
      PID:2872
    - - C:\Windows\system32\taskkill.exe
        
        taskkill /IM svchost.exe /F
        5⤵
        Kills process with taskkill
        
        PID:404
- - C:\Users\Admin\AppData\Local\Temp\Melting.exe
    Melting.exe
    3⤵
    PID:1824
- - C:\Users\Admin\AppData\Local\Temp\Melting.exe
    Melting.exe
    3⤵
    PID:4776
- - C:\Users\Admin\AppData\Local\Temp\Melting.exe
    Melting.exe
    3⤵
    PID:5068
- - C:\Users\Admin\AppData\Local\Temp\Melting.exe
    Melting.exe
    3⤵
    PID:5084
- - C:\Users\Admin\AppData\Local\Temp\Melting.exe
    Melting.exe
    3⤵
    PID:2484
- - C:\Users\Admin\AppData\Local\Temp\Melting.exe
    Melting.exe
    3⤵
    PID:1640
- - C:\Users\Admin\AppData\Local\Temp\Melting.exe
    Melting.exe
    3⤵
    PID:1780
- - C:\Users\Admin\AppData\Local\Temp\Melting.exe
    Melting.exe
    3⤵
    PID:4872
- - C:\Users\Admin\AppData\Local\Temp\Melting.exe
    Melting.exe
    3⤵
    PID:4856
- - C:\Users\Admin\AppData\Local\Temp\Melting.exe
    Melting.exe
    3⤵
    PID:2664
- - C:\Users\Admin\AppData\Local\Temp\Melting.exe
    Melting.exe
    3⤵
    PID:4596
- - C:\Users\Admin\AppData\Local\Temp\Melting.exe
    Melting.exe
    3⤵
    PID:2372
- - C:\Users\Admin\AppData\Local\Temp\Melting.exe
    Melting.exe
    3⤵
    PID:2716
- - C:\Users\Admin\AppData\Local\Temp\Melting.exe
    Melting.exe
    3⤵
    PID:1904
- - C:\Users\Admin\AppData\Local\Temp\Melting.exe
    Melting.exe
    3⤵
    PID:2608
- - C:\Users\Admin\AppData\Local\Temp\Melting.exe
    Melting.exe
    3⤵
    PID:948
- - C:\Users\Admin\AppData\Local\Temp\Melting.exe
    Melting.exe
    3⤵
    PID:4664
- - C:\Users\Admin\AppData\Local\Temp\Melting.exe
    Melting.exe
    3⤵
    PID:4100
- - C:\Users\Admin\AppData\Local\Temp\Melting.exe
    Melting.exe
    3⤵
    PID:3424
- - C:\Users\Admin\AppData\Local\Temp\Melting.exe
    Melting.exe
    3⤵
    PID:4116

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Temp\8215.tmp\8216.tmp\8217.bat

Filesize
1KB

MD5
c3d17d03671bb0590d70e07f584c0675

SHA1
a451c3a57a74be5df685eccb1bcdcea07cc9189c

SHA256
775f80f998edbce19ec1298d571c4ce4d7a5a84cf5a90ea48dd22916e43fa3f3

SHA512
9851c0fc20427724ada2749fb65961c1b95bcde7cf4863bf7797e9e3f2cf1cd0824b6199ccd43fb0561fd6d811172057c5eb6c1bc81984702334c2e480e7e3eb

Download Submit
C:\Users\Admin\AppData\Local\Temp\Melting.exe

Filesize
12KB

MD5
833619a4c9e8c808f092bf477af62618

SHA1
b4a0efa26f790e991cb17542c8e6aeb5030d1ebf

SHA256
92a284981c7ca33f1af45ce61738479fbcbb5a4111f5498e2cb54931c8a36c76

SHA512
4f231fc16339d568b5cf9353133aeae835eb262dab68bc80d92f37b43df64dce4fae0e913cbaa3bb61351a759aeecf9d280bc5779b0853c980559a654d6cca11

Download Submit
C:\Users\Admin\AppData\Local\Temp\Melting.exe

Filesize
12KB

MD5
833619a4c9e8c808f092bf477af62618

SHA1
b4a0efa26f790e991cb17542c8e6aeb5030d1ebf

SHA256
92a284981c7ca33f1af45ce61738479fbcbb5a4111f5498e2cb54931c8a36c76

SHA512
4f231fc16339d568b5cf9353133aeae835eb262dab68bc80d92f37b43df64dce4fae0e913cbaa3bb61351a759aeecf9d280bc5779b0853c980559a654d6cca11

Download Submit
C:\Users\Admin\AppData\Local\Temp\Melting.exe

Filesize
12KB

MD5
833619a4c9e8c808f092bf477af62618

SHA1
b4a0efa26f790e991cb17542c8e6aeb5030d1ebf

SHA256
92a284981c7ca33f1af45ce61738479fbcbb5a4111f5498e2cb54931c8a36c76

SHA512
4f231fc16339d568b5cf9353133aeae835eb262dab68bc80d92f37b43df64dce4fae0e913cbaa3bb61351a759aeecf9d280bc5779b0853c980559a654d6cca11

Download Submit
C:\Users\Admin\AppData\Local\Temp\Melting.exe

Filesize
12KB

MD5
833619a4c9e8c808f092bf477af62618

SHA1
b4a0efa26f790e991cb17542c8e6aeb5030d1ebf

SHA256
92a284981c7ca33f1af45ce61738479fbcbb5a4111f5498e2cb54931c8a36c76

SHA512
4f231fc16339d568b5cf9353133aeae835eb262dab68bc80d92f37b43df64dce4fae0e913cbaa3bb61351a759aeecf9d280bc5779b0853c980559a654d6cca11

Download Submit
C:\Users\Admin\AppData\Local\Temp\Melting.exe

Filesize
12KB

MD5
833619a4c9e8c808f092bf477af62618

SHA1
b4a0efa26f790e991cb17542c8e6aeb5030d1ebf

SHA256
92a284981c7ca33f1af45ce61738479fbcbb5a4111f5498e2cb54931c8a36c76

SHA512
4f231fc16339d568b5cf9353133aeae835eb262dab68bc80d92f37b43df64dce4fae0e913cbaa3bb61351a759aeecf9d280bc5779b0853c980559a654d6cca11

Download Submit
C:\Users\Admin\AppData\Local\Temp\Melting.exe

Filesize
12KB

MD5
833619a4c9e8c808f092bf477af62618

SHA1
b4a0efa26f790e991cb17542c8e6aeb5030d1ebf

SHA256
92a284981c7ca33f1af45ce61738479fbcbb5a4111f5498e2cb54931c8a36c76

SHA512
4f231fc16339d568b5cf9353133aeae835eb262dab68bc80d92f37b43df64dce4fae0e913cbaa3bb61351a759aeecf9d280bc5779b0853c980559a654d6cca11

Download Submit
C:\Users\Admin\AppData\Local\Temp\Melting.exe

Filesize
12KB

MD5
833619a4c9e8c808f092bf477af62618

SHA1
b4a0efa26f790e991cb17542c8e6aeb5030d1ebf

SHA256
92a284981c7ca33f1af45ce61738479fbcbb5a4111f5498e2cb54931c8a36c76

SHA512
4f231fc16339d568b5cf9353133aeae835eb262dab68bc80d92f37b43df64dce4fae0e913cbaa3bb61351a759aeecf9d280bc5779b0853c980559a654d6cca11

Download Submit
C:\Users\Admin\AppData\Local\Temp\Melting.exe

Filesize
12KB

MD5
833619a4c9e8c808f092bf477af62618

SHA1
b4a0efa26f790e991cb17542c8e6aeb5030d1ebf

SHA256
92a284981c7ca33f1af45ce61738479fbcbb5a4111f5498e2cb54931c8a36c76

SHA512
4f231fc16339d568b5cf9353133aeae835eb262dab68bc80d92f37b43df64dce4fae0e913cbaa3bb61351a759aeecf9d280bc5779b0853c980559a654d6cca11

Download Submit
C:\Users\Admin\AppData\Local\Temp\Melting.exe

Filesize
12KB

MD5
833619a4c9e8c808f092bf477af62618

SHA1
b4a0efa26f790e991cb17542c8e6aeb5030d1ebf

SHA256
92a284981c7ca33f1af45ce61738479fbcbb5a4111f5498e2cb54931c8a36c76

SHA512
4f231fc16339d568b5cf9353133aeae835eb262dab68bc80d92f37b43df64dce4fae0e913cbaa3bb61351a759aeecf9d280bc5779b0853c980559a654d6cca11

Download Submit
C:\Users\Admin\AppData\Local\Temp\Melting.exe

Filesize
12KB

MD5
833619a4c9e8c808f092bf477af62618

SHA1
b4a0efa26f790e991cb17542c8e6aeb5030d1ebf

SHA256
92a284981c7ca33f1af45ce61738479fbcbb5a4111f5498e2cb54931c8a36c76

SHA512
4f231fc16339d568b5cf9353133aeae835eb262dab68bc80d92f37b43df64dce4fae0e913cbaa3bb61351a759aeecf9d280bc5779b0853c980559a654d6cca11

Download Submit
C:\Users\Admin\AppData\Local\Temp\Melting.exe

Filesize
12KB

MD5
833619a4c9e8c808f092bf477af62618

SHA1
b4a0efa26f790e991cb17542c8e6aeb5030d1ebf

SHA256
92a284981c7ca33f1af45ce61738479fbcbb5a4111f5498e2cb54931c8a36c76

SHA512
4f231fc16339d568b5cf9353133aeae835eb262dab68bc80d92f37b43df64dce4fae0e913cbaa3bb61351a759aeecf9d280bc5779b0853c980559a654d6cca11

Download Submit
C:\Users\Admin\AppData\Local\Temp\Melting.exe

Filesize
12KB

MD5
833619a4c9e8c808f092bf477af62618

SHA1
b4a0efa26f790e991cb17542c8e6aeb5030d1ebf

SHA256
92a284981c7ca33f1af45ce61738479fbcbb5a4111f5498e2cb54931c8a36c76

SHA512
4f231fc16339d568b5cf9353133aeae835eb262dab68bc80d92f37b43df64dce4fae0e913cbaa3bb61351a759aeecf9d280bc5779b0853c980559a654d6cca11

Download Submit
C:\Users\Admin\AppData\Local\Temp\Melting.exe

Filesize
12KB

MD5
833619a4c9e8c808f092bf477af62618

SHA1
b4a0efa26f790e991cb17542c8e6aeb5030d1ebf

SHA256
92a284981c7ca33f1af45ce61738479fbcbb5a4111f5498e2cb54931c8a36c76

SHA512
4f231fc16339d568b5cf9353133aeae835eb262dab68bc80d92f37b43df64dce4fae0e913cbaa3bb61351a759aeecf9d280bc5779b0853c980559a654d6cca11

Download Submit
C:\Users\Admin\AppData\Local\Temp\Melting.exe

Filesize
12KB

MD5
833619a4c9e8c808f092bf477af62618

SHA1
b4a0efa26f790e991cb17542c8e6aeb5030d1ebf

SHA256
92a284981c7ca33f1af45ce61738479fbcbb5a4111f5498e2cb54931c8a36c76

SHA512
4f231fc16339d568b5cf9353133aeae835eb262dab68bc80d92f37b43df64dce4fae0e913cbaa3bb61351a759aeecf9d280bc5779b0853c980559a654d6cca11

Download Submit
C:\Users\Admin\AppData\Local\Temp\Melting.exe

Filesize
12KB

MD5
833619a4c9e8c808f092bf477af62618

SHA1
b4a0efa26f790e991cb17542c8e6aeb5030d1ebf

SHA256
92a284981c7ca33f1af45ce61738479fbcbb5a4111f5498e2cb54931c8a36c76

SHA512
4f231fc16339d568b5cf9353133aeae835eb262dab68bc80d92f37b43df64dce4fae0e913cbaa3bb61351a759aeecf9d280bc5779b0853c980559a654d6cca11

Download Submit
C:\Users\Admin\AppData\Local\Temp\Melting.exe

Filesize
12KB

MD5
833619a4c9e8c808f092bf477af62618

SHA1
b4a0efa26f790e991cb17542c8e6aeb5030d1ebf

SHA256
92a284981c7ca33f1af45ce61738479fbcbb5a4111f5498e2cb54931c8a36c76

SHA512
4f231fc16339d568b5cf9353133aeae835eb262dab68bc80d92f37b43df64dce4fae0e913cbaa3bb61351a759aeecf9d280bc5779b0853c980559a654d6cca11

Download Submit
C:\Users\Admin\AppData\Local\Temp\Melting.exe

Filesize
12KB

MD5
833619a4c9e8c808f092bf477af62618

SHA1
b4a0efa26f790e991cb17542c8e6aeb5030d1ebf

SHA256
92a284981c7ca33f1af45ce61738479fbcbb5a4111f5498e2cb54931c8a36c76

SHA512
4f231fc16339d568b5cf9353133aeae835eb262dab68bc80d92f37b43df64dce4fae0e913cbaa3bb61351a759aeecf9d280bc5779b0853c980559a654d6cca11

Download Submit
C:\Users\Admin\AppData\Local\Temp\Melting.exe

Filesize
12KB

MD5
833619a4c9e8c808f092bf477af62618

SHA1
b4a0efa26f790e991cb17542c8e6aeb5030d1ebf

SHA256
92a284981c7ca33f1af45ce61738479fbcbb5a4111f5498e2cb54931c8a36c76

SHA512
4f231fc16339d568b5cf9353133aeae835eb262dab68bc80d92f37b43df64dce4fae0e913cbaa3bb61351a759aeecf9d280bc5779b0853c980559a654d6cca11

Download Submit
C:\Users\Admin\AppData\Local\Temp\Melting.exe

Filesize
12KB

MD5
833619a4c9e8c808f092bf477af62618

SHA1
b4a0efa26f790e991cb17542c8e6aeb5030d1ebf

SHA256
92a284981c7ca33f1af45ce61738479fbcbb5a4111f5498e2cb54931c8a36c76

SHA512
4f231fc16339d568b5cf9353133aeae835eb262dab68bc80d92f37b43df64dce4fae0e913cbaa3bb61351a759aeecf9d280bc5779b0853c980559a654d6cca11

Download Submit
C:\Users\Admin\AppData\Local\Temp\Melting.exe

Filesize
12KB

MD5
833619a4c9e8c808f092bf477af62618

SHA1
b4a0efa26f790e991cb17542c8e6aeb5030d1ebf

SHA256
92a284981c7ca33f1af45ce61738479fbcbb5a4111f5498e2cb54931c8a36c76

SHA512
4f231fc16339d568b5cf9353133aeae835eb262dab68bc80d92f37b43df64dce4fae0e913cbaa3bb61351a759aeecf9d280bc5779b0853c980559a654d6cca11

Download Submit
C:\Users\Admin\AppData\Local\Temp\Melting.exe

Filesize
12KB

MD5
833619a4c9e8c808f092bf477af62618

SHA1
b4a0efa26f790e991cb17542c8e6aeb5030d1ebf

SHA256
92a284981c7ca33f1af45ce61738479fbcbb5a4111f5498e2cb54931c8a36c76

SHA512
4f231fc16339d568b5cf9353133aeae835eb262dab68bc80d92f37b43df64dce4fae0e913cbaa3bb61351a759aeecf9d280bc5779b0853c980559a654d6cca11

Download Submit
C:\Users\Admin\AppData\Local\Temp\Melting.exe

Filesize
12KB

MD5
833619a4c9e8c808f092bf477af62618

SHA1
b4a0efa26f790e991cb17542c8e6aeb5030d1ebf

SHA256
92a284981c7ca33f1af45ce61738479fbcbb5a4111f5498e2cb54931c8a36c76

SHA512
4f231fc16339d568b5cf9353133aeae835eb262dab68bc80d92f37b43df64dce4fae0e913cbaa3bb61351a759aeecf9d280bc5779b0853c980559a654d6cca11

Download Submit
C:\Users\Admin\AppData\Local\Temp\Melting.exe

Filesize
12KB

MD5
833619a4c9e8c808f092bf477af62618

SHA1
b4a0efa26f790e991cb17542c8e6aeb5030d1ebf

SHA256
92a284981c7ca33f1af45ce61738479fbcbb5a4111f5498e2cb54931c8a36c76

SHA512
4f231fc16339d568b5cf9353133aeae835eb262dab68bc80d92f37b43df64dce4fae0e913cbaa3bb61351a759aeecf9d280bc5779b0853c980559a654d6cca11

Download Submit
C:\Users\Admin\AppData\Local\Temp\Melting.exe

Filesize
12KB

MD5
833619a4c9e8c808f092bf477af62618

SHA1
b4a0efa26f790e991cb17542c8e6aeb5030d1ebf

SHA256
92a284981c7ca33f1af45ce61738479fbcbb5a4111f5498e2cb54931c8a36c76

SHA512
4f231fc16339d568b5cf9353133aeae835eb262dab68bc80d92f37b43df64dce4fae0e913cbaa3bb61351a759aeecf9d280bc5779b0853c980559a654d6cca11

Download Submit
C:\Users\Admin\AppData\Local\Temp\Melting.exe

Filesize
12KB

MD5
833619a4c9e8c808f092bf477af62618

SHA1
b4a0efa26f790e991cb17542c8e6aeb5030d1ebf

SHA256
92a284981c7ca33f1af45ce61738479fbcbb5a4111f5498e2cb54931c8a36c76

SHA512
4f231fc16339d568b5cf9353133aeae835eb262dab68bc80d92f37b43df64dce4fae0e913cbaa3bb61351a759aeecf9d280bc5779b0853c980559a654d6cca11

Download Submit
C:\Users\Admin\AppData\Local\Temp\Melting.exe

Filesize
12KB

MD5
833619a4c9e8c808f092bf477af62618

SHA1
b4a0efa26f790e991cb17542c8e6aeb5030d1ebf

SHA256
92a284981c7ca33f1af45ce61738479fbcbb5a4111f5498e2cb54931c8a36c76

SHA512
4f231fc16339d568b5cf9353133aeae835eb262dab68bc80d92f37b43df64dce4fae0e913cbaa3bb61351a759aeecf9d280bc5779b0853c980559a654d6cca11

Download Submit
C:\Users\Admin\AppData\Local\Temp\Melting.exe

Filesize
12KB

MD5
833619a4c9e8c808f092bf477af62618

SHA1
b4a0efa26f790e991cb17542c8e6aeb5030d1ebf

SHA256
92a284981c7ca33f1af45ce61738479fbcbb5a4111f5498e2cb54931c8a36c76

SHA512
4f231fc16339d568b5cf9353133aeae835eb262dab68bc80d92f37b43df64dce4fae0e913cbaa3bb61351a759aeecf9d280bc5779b0853c980559a654d6cca11

Download Submit
C:\Users\Admin\AppData\Local\Temp\Melting.exe

Filesize
12KB

MD5
833619a4c9e8c808f092bf477af62618

SHA1
b4a0efa26f790e991cb17542c8e6aeb5030d1ebf

SHA256
92a284981c7ca33f1af45ce61738479fbcbb5a4111f5498e2cb54931c8a36c76

SHA512
4f231fc16339d568b5cf9353133aeae835eb262dab68bc80d92f37b43df64dce4fae0e913cbaa3bb61351a759aeecf9d280bc5779b0853c980559a654d6cca11

Download Submit
C:\Users\Admin\AppData\Local\Temp\Melting.exe

Filesize
12KB

MD5
833619a4c9e8c808f092bf477af62618

SHA1
b4a0efa26f790e991cb17542c8e6aeb5030d1ebf

SHA256
92a284981c7ca33f1af45ce61738479fbcbb5a4111f5498e2cb54931c8a36c76

SHA512
4f231fc16339d568b5cf9353133aeae835eb262dab68bc80d92f37b43df64dce4fae0e913cbaa3bb61351a759aeecf9d280bc5779b0853c980559a654d6cca11

Download Submit
C:\Users\Admin\AppData\Local\Temp\Melting.exe

Filesize
12KB

MD5
833619a4c9e8c808f092bf477af62618

SHA1
b4a0efa26f790e991cb17542c8e6aeb5030d1ebf

SHA256
92a284981c7ca33f1af45ce61738479fbcbb5a4111f5498e2cb54931c8a36c76

SHA512
4f231fc16339d568b5cf9353133aeae835eb262dab68bc80d92f37b43df64dce4fae0e913cbaa3bb61351a759aeecf9d280bc5779b0853c980559a654d6cca11

Download Submit
C:\Users\Admin\AppData\Local\Temp\Melting.exe

Filesize
12KB

MD5
833619a4c9e8c808f092bf477af62618

SHA1
b4a0efa26f790e991cb17542c8e6aeb5030d1ebf

SHA256
92a284981c7ca33f1af45ce61738479fbcbb5a4111f5498e2cb54931c8a36c76

SHA512
4f231fc16339d568b5cf9353133aeae835eb262dab68bc80d92f37b43df64dce4fae0e913cbaa3bb61351a759aeecf9d280bc5779b0853c980559a654d6cca11

Download Submit
C:\Users\Admin\AppData\Local\Temp\Melting.exe

Filesize
12KB

MD5
833619a4c9e8c808f092bf477af62618

SHA1
b4a0efa26f790e991cb17542c8e6aeb5030d1ebf

SHA256
92a284981c7ca33f1af45ce61738479fbcbb5a4111f5498e2cb54931c8a36c76

SHA512
4f231fc16339d568b5cf9353133aeae835eb262dab68bc80d92f37b43df64dce4fae0e913cbaa3bb61351a759aeecf9d280bc5779b0853c980559a654d6cca11

Download Submit
C:\Users\Admin\AppData\Local\Temp\Melting.exe

Filesize
12KB

MD5
833619a4c9e8c808f092bf477af62618

SHA1
b4a0efa26f790e991cb17542c8e6aeb5030d1ebf

SHA256
92a284981c7ca33f1af45ce61738479fbcbb5a4111f5498e2cb54931c8a36c76

SHA512
4f231fc16339d568b5cf9353133aeae835eb262dab68bc80d92f37b43df64dce4fae0e913cbaa3bb61351a759aeecf9d280bc5779b0853c980559a654d6cca11

Download Submit
C:\Users\Admin\AppData\Local\Temp\Melting.exe

Filesize
12KB

MD5
833619a4c9e8c808f092bf477af62618

SHA1
b4a0efa26f790e991cb17542c8e6aeb5030d1ebf

SHA256
92a284981c7ca33f1af45ce61738479fbcbb5a4111f5498e2cb54931c8a36c76

SHA512
4f231fc16339d568b5cf9353133aeae835eb262dab68bc80d92f37b43df64dce4fae0e913cbaa3bb61351a759aeecf9d280bc5779b0853c980559a654d6cca11

Download Submit
C:\Users\Admin\AppData\Local\Temp\Melting.exe

Filesize
12KB

MD5
833619a4c9e8c808f092bf477af62618

SHA1
b4a0efa26f790e991cb17542c8e6aeb5030d1ebf

SHA256
92a284981c7ca33f1af45ce61738479fbcbb5a4111f5498e2cb54931c8a36c76

SHA512
4f231fc16339d568b5cf9353133aeae835eb262dab68bc80d92f37b43df64dce4fae0e913cbaa3bb61351a759aeecf9d280bc5779b0853c980559a654d6cca11

Download Submit
C:\Users\Admin\AppData\Local\Temp\Melting.exe

Filesize
12KB

MD5
833619a4c9e8c808f092bf477af62618

SHA1
b4a0efa26f790e991cb17542c8e6aeb5030d1ebf

SHA256
92a284981c7ca33f1af45ce61738479fbcbb5a4111f5498e2cb54931c8a36c76

SHA512
4f231fc16339d568b5cf9353133aeae835eb262dab68bc80d92f37b43df64dce4fae0e913cbaa3bb61351a759aeecf9d280bc5779b0853c980559a654d6cca11

Download Submit
C:\Users\Admin\AppData\Local\Temp\Melting.exe

Filesize
12KB

MD5
833619a4c9e8c808f092bf477af62618

SHA1
b4a0efa26f790e991cb17542c8e6aeb5030d1ebf

SHA256
92a284981c7ca33f1af45ce61738479fbcbb5a4111f5498e2cb54931c8a36c76

SHA512
4f231fc16339d568b5cf9353133aeae835eb262dab68bc80d92f37b43df64dce4fae0e913cbaa3bb61351a759aeecf9d280bc5779b0853c980559a654d6cca11

Download Submit
C:\Users\Admin\AppData\Local\Temp\Melting.exe

Filesize
12KB

MD5
833619a4c9e8c808f092bf477af62618

SHA1
b4a0efa26f790e991cb17542c8e6aeb5030d1ebf

SHA256
92a284981c7ca33f1af45ce61738479fbcbb5a4111f5498e2cb54931c8a36c76

SHA512
4f231fc16339d568b5cf9353133aeae835eb262dab68bc80d92f37b43df64dce4fae0e913cbaa3bb61351a759aeecf9d280bc5779b0853c980559a654d6cca11

Download Submit
C:\Users\Admin\AppData\Local\Temp\Melting.exe

Filesize
12KB

MD5
833619a4c9e8c808f092bf477af62618

SHA1
b4a0efa26f790e991cb17542c8e6aeb5030d1ebf

SHA256
92a284981c7ca33f1af45ce61738479fbcbb5a4111f5498e2cb54931c8a36c76

SHA512
4f231fc16339d568b5cf9353133aeae835eb262dab68bc80d92f37b43df64dce4fae0e913cbaa3bb61351a759aeecf9d280bc5779b0853c980559a654d6cca11

Download Submit
C:\Users\Admin\AppData\Local\Temp\Melting.exe

Filesize
12KB

MD5
833619a4c9e8c808f092bf477af62618

SHA1
b4a0efa26f790e991cb17542c8e6aeb5030d1ebf

SHA256
92a284981c7ca33f1af45ce61738479fbcbb5a4111f5498e2cb54931c8a36c76

SHA512
4f231fc16339d568b5cf9353133aeae835eb262dab68bc80d92f37b43df64dce4fae0e913cbaa3bb61351a759aeecf9d280bc5779b0853c980559a654d6cca11

Download Submit
C:\Users\Admin\AppData\Local\Temp\Melting.exe

Filesize
12KB

MD5
833619a4c9e8c808f092bf477af62618

SHA1
b4a0efa26f790e991cb17542c8e6aeb5030d1ebf

SHA256
92a284981c7ca33f1af45ce61738479fbcbb5a4111f5498e2cb54931c8a36c76

SHA512
4f231fc16339d568b5cf9353133aeae835eb262dab68bc80d92f37b43df64dce4fae0e913cbaa3bb61351a759aeecf9d280bc5779b0853c980559a654d6cca11

Download Submit
C:\Users\Admin\AppData\Local\Temp\Melting.exe

Filesize
12KB

MD5
833619a4c9e8c808f092bf477af62618

SHA1
b4a0efa26f790e991cb17542c8e6aeb5030d1ebf

SHA256
92a284981c7ca33f1af45ce61738479fbcbb5a4111f5498e2cb54931c8a36c76

SHA512
4f231fc16339d568b5cf9353133aeae835eb262dab68bc80d92f37b43df64dce4fae0e913cbaa3bb61351a759aeecf9d280bc5779b0853c980559a654d6cca11

Download Submit
C:\Users\Admin\AppData\Local\Temp\Melting.exe

Filesize
12KB

MD5
833619a4c9e8c808f092bf477af62618

SHA1
b4a0efa26f790e991cb17542c8e6aeb5030d1ebf

SHA256
92a284981c7ca33f1af45ce61738479fbcbb5a4111f5498e2cb54931c8a36c76

SHA512
4f231fc16339d568b5cf9353133aeae835eb262dab68bc80d92f37b43df64dce4fae0e913cbaa3bb61351a759aeecf9d280bc5779b0853c980559a654d6cca11

Download Submit
C:\Users\Admin\AppData\Local\Temp\NoHotdog.exe

Filesize
47KB

MD5
3bfd2ef3132ab1a76c26c446dcf8cd36

SHA1
71b832227696b8288dfea12fffe432130697e6d9

SHA256
9f07dffe9a330b8f1ebe2ba8e3037598920ba7cbe03c61de7edebe1d799e9f74

SHA512
a095be7dee082bdefeb54a7a4b3ffc7f83f18afe14f7685c356c00304b52511af871b98bfbc9bd1c245aca9b898cd908704e89e8e7bbdbd6cb5a4aa0074a5b58

Download Submit
C:\Users\Admin\AppData\Local\Temp\NoHotdog.exe

Filesize
47KB

MD5
3bfd2ef3132ab1a76c26c446dcf8cd36

SHA1
71b832227696b8288dfea12fffe432130697e6d9

SHA256
9f07dffe9a330b8f1ebe2ba8e3037598920ba7cbe03c61de7edebe1d799e9f74

SHA512
a095be7dee082bdefeb54a7a4b3ffc7f83f18afe14f7685c356c00304b52511af871b98bfbc9bd1c245aca9b898cd908704e89e8e7bbdbd6cb5a4aa0074a5b58

Download Submit
C:\Users\Admin\AppData\Local\Temp\runaway.exe

Filesize
8KB

MD5
979b597855746aee2f30ee74f9d7c163

SHA1
56dd0b4bbc5ddcc3fab99ea2e8f781d8b7c7c05f

SHA256
dc6ee4edbbbe1116a200b928f2b62dbc55594a9f79152bbb0076161a58546c11

SHA512
6b7411b23fa0be275070bb08edb0293f7c5c00fffb7746afe0b4368e0a45e4c2743d3ef86417a610021577f70253bb0ca1c5d3398ac93d22d6672d2b16e0ec4e

Download Submit
C:\Users\Admin\AppData\Local\Temp\runaway.exe

Filesize
8KB

MD5
979b597855746aee2f30ee74f9d7c163

SHA1
56dd0b4bbc5ddcc3fab99ea2e8f781d8b7c7c05f

SHA256
dc6ee4edbbbe1116a200b928f2b62dbc55594a9f79152bbb0076161a58546c11

SHA512
6b7411b23fa0be275070bb08edb0293f7c5c00fffb7746afe0b4368e0a45e4c2743d3ef86417a610021577f70253bb0ca1c5d3398ac93d22d6672d2b16e0ec4e

Download Submit
C:\Users\Admin\AppData\Local\Temp\runaway.exe

Filesize
8KB

MD5
979b597855746aee2f30ee74f9d7c163

SHA1
56dd0b4bbc5ddcc3fab99ea2e8f781d8b7c7c05f

SHA256
dc6ee4edbbbe1116a200b928f2b62dbc55594a9f79152bbb0076161a58546c11

SHA512
6b7411b23fa0be275070bb08edb0293f7c5c00fffb7746afe0b4368e0a45e4c2743d3ef86417a610021577f70253bb0ca1c5d3398ac93d22d6672d2b16e0ec4e

Download Submit
C:\Users\Admin\AppData\Local\Temp\runaway.exe

Filesize
8KB

MD5
979b597855746aee2f30ee74f9d7c163

SHA1
56dd0b4bbc5ddcc3fab99ea2e8f781d8b7c7c05f

SHA256
dc6ee4edbbbe1116a200b928f2b62dbc55594a9f79152bbb0076161a58546c11

SHA512
6b7411b23fa0be275070bb08edb0293f7c5c00fffb7746afe0b4368e0a45e4c2743d3ef86417a610021577f70253bb0ca1c5d3398ac93d22d6672d2b16e0ec4e

Download Submit
C:\Users\Admin\AppData\Local\Temp\runaway.exe

Filesize
8KB

MD5
979b597855746aee2f30ee74f9d7c163

SHA1
56dd0b4bbc5ddcc3fab99ea2e8f781d8b7c7c05f

SHA256
dc6ee4edbbbe1116a200b928f2b62dbc55594a9f79152bbb0076161a58546c11

SHA512
6b7411b23fa0be275070bb08edb0293f7c5c00fffb7746afe0b4368e0a45e4c2743d3ef86417a610021577f70253bb0ca1c5d3398ac93d22d6672d2b16e0ec4e

Download Submit
C:\Users\Admin\AppData\Local\Temp\runaway.exe

Filesize
8KB

MD5
979b597855746aee2f30ee74f9d7c163

SHA1
56dd0b4bbc5ddcc3fab99ea2e8f781d8b7c7c05f

SHA256
dc6ee4edbbbe1116a200b928f2b62dbc55594a9f79152bbb0076161a58546c11

SHA512
6b7411b23fa0be275070bb08edb0293f7c5c00fffb7746afe0b4368e0a45e4c2743d3ef86417a610021577f70253bb0ca1c5d3398ac93d22d6672d2b16e0ec4e

Download Submit
C:\Users\Admin\AppData\Local\Temp\runaway.exe

Filesize
8KB

MD5
979b597855746aee2f30ee74f9d7c163

SHA1
56dd0b4bbc5ddcc3fab99ea2e8f781d8b7c7c05f

SHA256
dc6ee4edbbbe1116a200b928f2b62dbc55594a9f79152bbb0076161a58546c11

SHA512
6b7411b23fa0be275070bb08edb0293f7c5c00fffb7746afe0b4368e0a45e4c2743d3ef86417a610021577f70253bb0ca1c5d3398ac93d22d6672d2b16e0ec4e

Download Submit
C:\Users\Admin\AppData\Local\Temp\runaway.exe

Filesize
8KB

MD5
979b597855746aee2f30ee74f9d7c163

SHA1
56dd0b4bbc5ddcc3fab99ea2e8f781d8b7c7c05f

SHA256
dc6ee4edbbbe1116a200b928f2b62dbc55594a9f79152bbb0076161a58546c11

SHA512
6b7411b23fa0be275070bb08edb0293f7c5c00fffb7746afe0b4368e0a45e4c2743d3ef86417a610021577f70253bb0ca1c5d3398ac93d22d6672d2b16e0ec4e

Download Submit
C:\Users\Admin\AppData\Local\Temp\runaway.exe

Filesize
8KB

MD5
979b597855746aee2f30ee74f9d7c163

SHA1
56dd0b4bbc5ddcc3fab99ea2e8f781d8b7c7c05f

SHA256
dc6ee4edbbbe1116a200b928f2b62dbc55594a9f79152bbb0076161a58546c11

SHA512
6b7411b23fa0be275070bb08edb0293f7c5c00fffb7746afe0b4368e0a45e4c2743d3ef86417a610021577f70253bb0ca1c5d3398ac93d22d6672d2b16e0ec4e

Download Submit
C:\Users\Admin\AppData\Local\Temp\runaway.exe

Filesize
8KB

MD5
979b597855746aee2f30ee74f9d7c163

SHA1
56dd0b4bbc5ddcc3fab99ea2e8f781d8b7c7c05f

SHA256
dc6ee4edbbbe1116a200b928f2b62dbc55594a9f79152bbb0076161a58546c11

SHA512
6b7411b23fa0be275070bb08edb0293f7c5c00fffb7746afe0b4368e0a45e4c2743d3ef86417a610021577f70253bb0ca1c5d3398ac93d22d6672d2b16e0ec4e

Download Submit
C:\Users\Admin\AppData\Local\Temp\runaway.exe

Filesize
8KB

MD5
979b597855746aee2f30ee74f9d7c163

SHA1
56dd0b4bbc5ddcc3fab99ea2e8f781d8b7c7c05f

SHA256
dc6ee4edbbbe1116a200b928f2b62dbc55594a9f79152bbb0076161a58546c11

SHA512
6b7411b23fa0be275070bb08edb0293f7c5c00fffb7746afe0b4368e0a45e4c2743d3ef86417a610021577f70253bb0ca1c5d3398ac93d22d6672d2b16e0ec4e

Download Submit
C:\Users\Admin\AppData\Local\Temp\runaway.exe

Filesize
8KB

MD5
979b597855746aee2f30ee74f9d7c163

SHA1
56dd0b4bbc5ddcc3fab99ea2e8f781d8b7c7c05f

SHA256
dc6ee4edbbbe1116a200b928f2b62dbc55594a9f79152bbb0076161a58546c11

SHA512
6b7411b23fa0be275070bb08edb0293f7c5c00fffb7746afe0b4368e0a45e4c2743d3ef86417a610021577f70253bb0ca1c5d3398ac93d22d6672d2b16e0ec4e

Download Submit
C:\Users\Admin\AppData\Local\Temp\runaway.exe

Filesize
8KB

MD5
979b597855746aee2f30ee74f9d7c163

SHA1
56dd0b4bbc5ddcc3fab99ea2e8f781d8b7c7c05f

SHA256
dc6ee4edbbbe1116a200b928f2b62dbc55594a9f79152bbb0076161a58546c11

SHA512
6b7411b23fa0be275070bb08edb0293f7c5c00fffb7746afe0b4368e0a45e4c2743d3ef86417a610021577f70253bb0ca1c5d3398ac93d22d6672d2b16e0ec4e

Download Submit
C:\Users\Admin\AppData\Local\Temp\runaway.exe

Filesize
8KB

MD5
979b597855746aee2f30ee74f9d7c163

SHA1
56dd0b4bbc5ddcc3fab99ea2e8f781d8b7c7c05f

SHA256
dc6ee4edbbbe1116a200b928f2b62dbc55594a9f79152bbb0076161a58546c11

SHA512
6b7411b23fa0be275070bb08edb0293f7c5c00fffb7746afe0b4368e0a45e4c2743d3ef86417a610021577f70253bb0ca1c5d3398ac93d22d6672d2b16e0ec4e

Download Submit
C:\Users\Admin\AppData\Local\Temp\runaway.exe

Filesize
8KB

MD5
979b597855746aee2f30ee74f9d7c163

SHA1
56dd0b4bbc5ddcc3fab99ea2e8f781d8b7c7c05f

SHA256
dc6ee4edbbbe1116a200b928f2b62dbc55594a9f79152bbb0076161a58546c11

SHA512
6b7411b23fa0be275070bb08edb0293f7c5c00fffb7746afe0b4368e0a45e4c2743d3ef86417a610021577f70253bb0ca1c5d3398ac93d22d6672d2b16e0ec4e

Download Submit
C:\Users\Admin\AppData\Local\Temp\runaway.exe

Filesize
8KB

MD5
979b597855746aee2f30ee74f9d7c163

SHA1
56dd0b4bbc5ddcc3fab99ea2e8f781d8b7c7c05f

SHA256
dc6ee4edbbbe1116a200b928f2b62dbc55594a9f79152bbb0076161a58546c11

SHA512
6b7411b23fa0be275070bb08edb0293f7c5c00fffb7746afe0b4368e0a45e4c2743d3ef86417a610021577f70253bb0ca1c5d3398ac93d22d6672d2b16e0ec4e

Download Submit
C:\Users\Admin\AppData\Local\Temp\runaway.exe

Filesize
8KB

MD5
979b597855746aee2f30ee74f9d7c163

SHA1
56dd0b4bbc5ddcc3fab99ea2e8f781d8b7c7c05f

SHA256
dc6ee4edbbbe1116a200b928f2b62dbc55594a9f79152bbb0076161a58546c11

SHA512
6b7411b23fa0be275070bb08edb0293f7c5c00fffb7746afe0b4368e0a45e4c2743d3ef86417a610021577f70253bb0ca1c5d3398ac93d22d6672d2b16e0ec4e

Download Submit
C:\Users\Admin\AppData\Local\Temp\runaway.exe

Filesize
8KB

MD5
979b597855746aee2f30ee74f9d7c163

SHA1
56dd0b4bbc5ddcc3fab99ea2e8f781d8b7c7c05f

SHA256
dc6ee4edbbbe1116a200b928f2b62dbc55594a9f79152bbb0076161a58546c11

SHA512
6b7411b23fa0be275070bb08edb0293f7c5c00fffb7746afe0b4368e0a45e4c2743d3ef86417a610021577f70253bb0ca1c5d3398ac93d22d6672d2b16e0ec4e

Download Submit
memory/100-179-0x0000000005680000-0x0000000005690000-memory.dmp

Filesize
64KB

Download
memory/116-177-0x0000000004F50000-0x0000000004F60000-memory.dmp

Filesize
64KB

Download
memory/456-178-0x0000000005590000-0x00000000055A0000-memory.dmp

Filesize
64KB

Download
memory/844-176-0x0000000005640000-0x0000000005650000-memory.dmp

Filesize
64KB

Download
memory/1324-185-0x00000000052F0000-0x0000000005300000-memory.dmp

Filesize
64KB

Download
memory/1404-163-0x00000000052A0000-0x0000000005844000-memory.dmp

Filesize
5.6MB

Download
memory/1404-156-0x0000000000530000-0x0000000000538000-memory.dmp

Filesize
32KB

Download
memory/1428-182-0x0000000004A70000-0x0000000004A80000-memory.dmp

Filesize
64KB

Download
memory/2444-224-0x0000000000400000-0x0000000000412000-memory.dmp

Filesize
72KB

Download
memory/3952-181-0x00000000050F0000-0x0000000005100000-memory.dmp

Filesize
64KB

Download
memory/4552-175-0x0000000005680000-0x0000000005690000-memory.dmp

Filesize
64KB

Download
memory/4552-162-0x0000000005560000-0x00000000055F2000-memory.dmp

Filesize
584KB

Download
memory/4608-180-0x0000000004BC0000-0x0000000004BD0000-memory.dmp

Filesize
64KB

Download
memory/4796-183-0x0000000004E80000-0x0000000004E90000-memory.dmp

Filesize
64KB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads