3bf0b9a7dd83d80d5e34ace658993c1ef171e70795a74a4c24027f63a856132a | Triage

Analysis

max time kernel
148s
max time network
106s
platform
windows10-2004_x64
resource
win10v2004-20231215-en
resource tags

arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
submitted
24/12/2023, 15:57

Sharing

Report Analysis Logs

General

Target

048ffc50e8fd7aea9c52cf48ac6d507f.exe
Size

476KB
MD5

048ffc50e8fd7aea9c52cf48ac6d507f
SHA1

6c3c968d41e9796743806f0c00deb5b3b4b1cab1
SHA256

3bf0b9a7dd83d80d5e34ace658993c1ef171e70795a74a4c24027f63a856132a
SHA512

4b4bd23d3b49b1d08c3dab3f224e4fbc312c3da224ee43e46630f06269362fdccb9bc489acda531a8a06cda51bc8f65c3b3f80b6d8a9e35191cdf52da02ffec3
SSDEEP

6144:QyJZv5zFiIO5K9vxsJr6x7oEooLuV9u3SKk9e2dkIZFF2Ad:QcLFQ6KEHi9J

Score

5^/10

Malware Config

Signatures

Suspicious use of SetThreadContext 1 IoCs

description	pid	Process	procid_target
PID 4336 set thread context of 1920	4336	048ffc50e8fd7aea9c52cf48ac6d507f.exe	21

Suspicious use of WriteProcessMemory 8 IoCs

description	pid	Process	procid_target
PID 4336 wrote to memory of 1920	4336	048ffc50e8fd7aea9c52cf48ac6d507f.exe	21
PID 4336 wrote to memory of 1920	4336	048ffc50e8fd7aea9c52cf48ac6d507f.exe	21
PID 4336 wrote to memory of 1920	4336	048ffc50e8fd7aea9c52cf48ac6d507f.exe	21
PID 4336 wrote to memory of 1920	4336	048ffc50e8fd7aea9c52cf48ac6d507f.exe	21
PID 4336 wrote to memory of 1920	4336	048ffc50e8fd7aea9c52cf48ac6d507f.exe	21
PID 4336 wrote to memory of 1920	4336	048ffc50e8fd7aea9c52cf48ac6d507f.exe	21
PID 4336 wrote to memory of 1920	4336	048ffc50e8fd7aea9c52cf48ac6d507f.exe	21
PID 4336 wrote to memory of 1920	4336	048ffc50e8fd7aea9c52cf48ac6d507f.exe	21

C:\Users\Admin\AppData\Local\Temp\048ffc50e8fd7aea9c52cf48ac6d507f.exe
"C:\Users\Admin\AppData\Local\Temp\048ffc50e8fd7aea9c52cf48ac6d507f.exe"
1⤵
- Suspicious use of SetThreadContext
- Suspicious use of WriteProcessMemory
PID:4336
- C:\Users\Admin\AppData\Local\Temp\048ffc50e8fd7aea9c52cf48ac6d507f.exe
  "C:\Users\Admin\AppData\Local\Temp\048ffc50e8fd7aea9c52cf48ac6d507f.exe"
  2⤵
  PID:1920

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1920-2-0x0000000000400000-0x0000000000431000-memory.dmp

Filesize
196KB

Download
memory/1920-4-0x0000000000400000-0x0000000000431000-memory.dmp

Filesize
196KB

Download
memory/1920-3-0x0000000000400000-0x0000000000431000-memory.dmp

Filesize
196KB

Download
memory/1920-0-0x0000000000400000-0x0000000000431000-memory.dmp

Filesize
196KB

Download