e74c24d70c3ebb75f1767a60024501b072b7404945a76ba8f9a4bb89ea585f7c | Triage

Analysis

max time kernel
5s
platform
windows10-1703_x64
resource
win10-20231020-en
resource tags

arch:x64arch:x86image:win10-20231020-enlocale:en-usos:windows10-1703-x64system
submitted
21-11-2023 11:18

Sharing

Report Analysis Logs

General

Target

injector.exe
Size

32KB
MD5

0f6d57a2d1d04b48ea3389d32fda7103
SHA1

6307ca7a57afe39080691873a744a752d71518e5
SHA256

e74c24d70c3ebb75f1767a60024501b072b7404945a76ba8f9a4bb89ea585f7c
SHA512

caa3d313d1a52c4db5966132ca0dbc7a5f7db5d46503295d4e061238d852a752d6588784d8f53ce9b9a356f01cf91155abde47faf48b3c20dbd48d69aded6c46
SSDEEP

768:ASEfsPJRlNhSP00ZCESyH6Bwk0f4WTKdVPPfysuc9m:vPJ7NhSP00ZTSyHCwk0WLXg

Score

1^/10

Malware Config

Signatures

Suspicious use of WriteProcessMemory 2 IoCs

description	pid	Process	procid_target
PID 168 wrote to memory of 5056	168	injector.exe	71
PID 168 wrote to memory of 5056	168	injector.exe	71

C:\Users\Admin\AppData\Local\Temp\injector.exe
"C:\Users\Admin\AppData\Local\Temp\injector.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:168
- C:\Windows\system32\cmd.exe
  C:\Windows\system32\cmd.exe /c pause
  2⤵
  PID:5056

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads