ad61de4171fd38559599d7f5bbdf77e36bb46341dd67ac175ac9fc8b56bddedb | Triage

Analysis

max time kernel
141s
max time network
122s
platform
windows7_x64
resource
win7-20230831-en
resource tags

arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
submitted
12-10-2023 15:06

Sharing

Report Analysis Logs

General

Target

DSE24.exe
Size

816KB
MD5

92566b4e4263c44a6e2682e0807db17e
SHA1

db24f66fb53864915c011e091824b29d6b690b49
SHA256

ad61de4171fd38559599d7f5bbdf77e36bb46341dd67ac175ac9fc8b56bddedb
SHA512

dbfdadfba87ac86ffbf2c533c027f4462b1a3cb146c00c1dc20c4369192b5e9bba5664844d3a2a3aea662a01523d3ebc067fb2b8901e18e148513fd65fb268ea
SSDEEP

24576:ajunWu+HdsAMv16chemmdAeukZ3CMFN3C:ajdmAMvcmleZZ3RFN3C

Score

1^/10

Malware Config

Signatures

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 3004 wrote to memory of 1284	3004	DSE24.exe	29
PID 3004 wrote to memory of 1284	3004	DSE24.exe	29
PID 3004 wrote to memory of 1284	3004	DSE24.exe	29

C:\Users\Admin\AppData\Local\Temp\DSE24.exe
"C:\Users\Admin\AppData\Local\Temp\DSE24.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:3004
- C:\Windows\system32\cmd.exe
  C:\Windows\system32\cmd.exe /c embedded.exe
  2⤵
  PID:1284

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/3004-0-0x000000013F390000-0x000000013F438000-memory.dmp

Filesize
672KB

Download