Overview

overview

7

Static

static

3

PulsarW495-1.0.6.exe

windows7-x64

7

PulsarW495-1.0.6.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    176s
  • max time network
    200s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230915-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230915-enlocale:en-usos:windows10-2004-x64system
  • submitted
    14/10/2023, 23:30

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    PulsarW495-1.0.6.exe

  • Size

    196.6MB

  • MD5

    bbb215faf5cbd966194b9ff072f9b9c2

  • SHA1

    eb29821dc9079d7a3c1c892b087ccd2b5b046718

  • SHA256

    ed14b9c21b07d215dc3d38bb24cbd27180c36a53e9882a1365316e4d13093688

  • SHA512

    1abd5c7bc5c7d4ab3e4f4c6214780e724525368a063ac14c8f808259ba32aa454509ab5b48c480ac034c8670c152904de3a072f68d4810289d045a8c25d01adc

  • SSDEEP

    3145728:j19SHMB/ojDT5a3xImMKenzy5kH6Z4K6TN4AtZWoembTFGuVwn/Ow:j10BAxxgnOaK6RdZsmPFb0Ow

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\PulsarW495-1.0.6.exe
    "C:\Users\Admin\AppData\Local\Temp\PulsarW495-1.0.6.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2136
    • C:\Users\Admin\AppData\Local\Temp\is-2G6M7.tmp\PulsarW495-1.0.6.tmp
      "C:\Users\Admin\AppData\Local\Temp\is-2G6M7.tmp\PulsarW495-1.0.6.tmp" /SL5="$B0052,205253467,894976,C:\Users\Admin\AppData\Local\Temp\PulsarW495-1.0.6.exe"
      2⤵
      • Executes dropped EXE
      PID:1704

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\is-2G6M7.tmp\PulsarW495-1.0.6.tmp
    Filesize

    3.1MB

    MD5

    240e044f37f4b50fa68931a83863da60

    SHA1

    6c1d2d31ae761243fea27e753bd1d54388a40b21

    SHA256

    7c5298c4086ccd7caa0d5169b86662c3f4ac2fcf6ee743f497e8ee76c0e5eea6

    SHA512

    26323109598f04f8c2e87f92b093e740c193f2f37d8bb5ef9b0b1a19ef3e6d239d7159ea0824d900abaf4dbde2275cb5d5f24e63a7c1e4d0c81171017df06923

    Download Submit

  • memory/1704-7-0x0000000000D40000-0x0000000000D41000-memory.dmp

    Filesize

    4KB

    Download

  • memory/1704-10-0x0000000000400000-0x0000000000722000-memory.dmp

    Filesize

    3.1MB

    Download

  • memory/1704-11-0x0000000000D40000-0x0000000000D41000-memory.dmp

    Filesize

    4KB

    Download

  • memory/1704-13-0x0000000000400000-0x0000000000722000-memory.dmp

    Filesize

    3.1MB

    Download

  • memory/2136-0-0x0000000000400000-0x00000000004E8000-memory.dmp

    Filesize

    928KB

    Download

  • memory/2136-2-0x0000000000400000-0x00000000004E8000-memory.dmp

    Filesize

    928KB

    Download

  • memory/2136-8-0x0000000000400000-0x00000000004E8000-memory.dmp

    Filesize

    928KB

    Download

  • memory/2136-12-0x0000000000400000-0x00000000004E8000-memory.dmp

    Filesize

    928KB

    Download