Analysis
-
max time kernel
124s -
max time network
131s -
platform
windows10-1703_x64 -
resource
win10-20230703-en -
resource tags
-
submitted
19/08/2023, 02:26
General
-
Target
Carti's tool (2)/Carti's tool/Neptune.exe
-
Size
100KB
-
MD5
67e8557f6811fc84a055ac5e636dc009
-
SHA1
5ea59f134d8977aabb5e130ef21a70feec245f05
-
SHA256
9bb2a443742f631305e8e57af2f6abe0c7343b1e94b055bf767fd1dffdc7640a
-
SHA512
77d609c4b11ea5a0eebbf7435a6422e1a57172400b969c11e0bab7db759c615c5c1e873932bb8b1f679818b112f80b55f6fd2b08ab68e19732880cd1732b3073
-
SSDEEP
1536:nb7ftfkS5g9YOms+gZcQipICdXkNDqLLZX9lItVGL++eIOlnToIfhw2fNuSQPV9D:n3FfHgTWmCRkGbKGLeNTBfhXVuSQPVR
Score
1/10
Malware Config
Signatures
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\Carti's tool (2)\Carti's tool\Neptune.exe"C:\Users\Admin\AppData\Local\Temp\Carti's tool (2)\Carti's tool\Neptune.exe"1⤵
- Suspicious use of WriteProcessMemory
-
C:\Windows\System32\cmd.exe"C:\Windows\sysnative\cmd" /c "C:\Users\Admin\AppData\Local\Temp\E4A3.tmp\E4A4.tmp\E4A5.bat "C:\Users\Admin\AppData\Local\Temp\Carti's tool (2)\Carti's tool\Neptune.exe""2⤵
- Suspicious use of WriteProcessMemory
-
C:\Windows\system32\chcp.comchcp 650013⤵
-
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
8KB
MD567150823b5efda37b8db8d16975aa954
SHA1a01b8d513a352db0c6f8c4a3bac79aa8c5e03236
SHA256be2a5a4f5acc1d446bf3d407f90e3fdaf8a9773c75590198d4d8a3a5ab281714
SHA512e6badfa18440006b12087f0843c0adaa89d09b0bfe110b01e597c2b0776edf3b02ef48b6140a7ec482c665b334442fa082e82c36bc3608bc32b0644cd261c466