aa943c1177ea684d1b2df76c140a9a5a92dae05462c10392e1a8b349f61610fd | Triage

Analysis

max time kernel
140s
max time network
32s
platform
windows7_x64
resource
win7-20230220-en
resource tags

arch:x64arch:x86image:win7-20230220-enlocale:en-usos:windows7-x64system
submitted
13/06/2023, 19:24

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

BuildSQL.exe
Size

1.3MB
MD5

4afaf8bb98321eec8b323c91061e0c97
SHA1

111d1a042cd6f9afd02fac22bdf070f0e0b229df
SHA256

aa943c1177ea684d1b2df76c140a9a5a92dae05462c10392e1a8b349f61610fd
SHA512

7a2c281140dd082532c6d87c9498cf780cbe54c98ea8621decc6180b5ed77daa5f0d8333e45eda970aac8953ca0da4ba2b1bbba6ec3d8dd20a7238a1a9a56ab2
SSDEEP

24576:CMQewT+XEtOX6HAgkCMfM9S0fh/XOUaNhIkCrY0+I:53XfX6HX7XOxbI/t

Score

1^/10

Malware Config

Signatures

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

pid	Process
1424	BuildSQL.exe

C:\Users\Admin\AppData\Local\Temp\BuildSQL.exe
"C:\Users\Admin\AppData\Local\Temp\BuildSQL.exe"
1⤵
- Suspicious behavior: GetForegroundWindowSpam
PID:1424

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1424-54-0x00000000002B0000-0x00000000002B1000-memory.dmp

Filesize
4KB

Download
memory/1424-55-0x0000000000400000-0x0000000000549000-memory.dmp

Filesize
1.3MB

Download