d4c119b9af008b1f4cf7a31539e25098c22afbf7446c966a88f15a804a085e13 | Triage

Analysis

max time kernel
119s
max time network
122s
platform
windows7_x64
resource
win7-20230712-en
resource tags

arch:x64arch:x86image:win7-20230712-enlocale:en-usos:windows7-x64system
submitted
21/08/2023, 01:56

Sharing

Report Analysis Logs

General

Target

load.exe
Size

637KB
MD5

79fa77b3f5d94826016738fe1a89b07e
SHA1

4c6a3e570957251b7e54db8394e5aa0f256ad32c
SHA256

d4c119b9af008b1f4cf7a31539e25098c22afbf7446c966a88f15a804a085e13
SHA512

2abcbe7a269505d29c5bcfa4da888b19be794abe0a058de0a1f13a4d6c7954797d8eafe1105a139ef7c8b9cb478cf5e1137b7b45e54aeda5811908506c14a2ce
SSDEEP

12288:HEA3tujxet80MWSOpybNORz46gND9+VSRvhh8qAfZ0Yr:kb0t8/YybN/6gN9+GYqmKC

Score

1^/10

Malware Config

Signatures

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 2604 wrote to memory of 1992	2604	load.exe	29
PID 2604 wrote to memory of 1992	2604	load.exe	29
PID 2604 wrote to memory of 1992	2604	load.exe	29

C:\Users\Admin\AppData\Local\Temp\load.exe
"C:\Users\Admin\AppData\Local\Temp\load.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:2604
- C:\Windows\system32\notepad.exe
  notepad.exe
  2⤵
  PID:1992

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads