Analysis
-
max time kernel
259s -
max time network
264s -
platform
windows10-1703_x64 -
resource
win10-20230915-en -
resource tags
-
submitted
19-09-2023 06:52
General
-
Target
k7432982.exe
-
Size
393KB
-
MD5
383bee6167a05d96266c75c521797494
-
SHA1
67815b143c0d3dab12da5a0c3ec34211b104400d
-
SHA256
57f323470d018b0714f9d928ff7d0424e3c3622d65ce33711d6f556c30f92884
-
SHA512
97790113a18df17bf3a96e4ebb3bb58599796b23d73d99425558d2aea089a14d0d9f5997a8ac1bc1b86591041d689c06f47169f0ab53f9d6f6f05ea33cbb235a
-
SSDEEP
12288:njFIqiG59ounkpxTDmQTaUNBY5/XQ/V1Sa:njFL52xTDraEY5/XQ/Vs
Score
5/10
Malware Config
Signatures
-
Suspicious use of SetThreadContext 1 IoCs
-
Suspicious use of WriteProcessMemory 10 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\k7432982.exe"C:\Users\Admin\AppData\Local\Temp\k7432982.exe"
- Suspicious use of SetThreadContext
- Suspicious use of WriteProcessMemory
-
C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe"C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe"
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
memory/5068-0-0x0000000000400000-0x000000000042F000-memory.dmpFilesize
188KB
-
memory/5068-3-0x0000000000400000-0x000000000042F000-memory.dmpFilesize
188KB
-
memory/5068-4-0x0000000000400000-0x000000000042F000-memory.dmpFilesize
188KB
-
memory/5068-5-0x0000000000400000-0x000000000042F000-memory.dmpFilesize
188KB
-
memory/5068-6-0x0000000000400000-0x000000000042F000-memory.dmpFilesize
188KB