73de560b4bac32d1735d4fb0f8fdcccdb5b4c074dbbde55f58574622a0e303c8

Analysis

max time kernel
153s
max time network
165s
platform
windows10-2004_x64
resource
win10v2004-20231215-en
resource tags

arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
submitted
24/12/2023, 16:53

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

06be3b71909925b0afede1826816e05f.exe
Size

577KB
MD5

06be3b71909925b0afede1826816e05f
SHA1

878b0e859e358637276e37111786a414785b305f
SHA256

73de560b4bac32d1735d4fb0f8fdcccdb5b4c074dbbde55f58574622a0e303c8
SHA512

e32f2c1113337d3ecdb3eb79cc1f9dde5d5a081527cd5a9c98e055b9d3bd141ac559b17dedfb3d166a8316ab3c6defa4110cf790faa4ef030f505fad10722c29
SSDEEP

12288:SPswateaTRIi8oK/lGRgOUqmq9kR6lhKX4B3a9FsqJKB57d8f:SPswadaitK/cRgOnmq9g65B36rKX6

Score

5^/10

Malware Config

Signatures

Suspicious use of SetThreadContext 1 IoCs

description	pid	Process	procid_target
PID 4888 set thread context of 4360	4888	06be3b71909925b0afede1826816e05f.exe	91

Suspicious use of SetWindowsHookEx 1 IoCs

pid	Process
4888	06be3b71909925b0afede1826816e05f.exe

Suspicious use of WriteProcessMemory 7 IoCs

description	pid	Process	procid_target
PID 4888 wrote to memory of 4360	4888	06be3b71909925b0afede1826816e05f.exe	91
PID 4888 wrote to memory of 4360	4888	06be3b71909925b0afede1826816e05f.exe	91
PID 4888 wrote to memory of 4360	4888	06be3b71909925b0afede1826816e05f.exe	91
PID 4888 wrote to memory of 4360	4888	06be3b71909925b0afede1826816e05f.exe	91
PID 4888 wrote to memory of 4360	4888	06be3b71909925b0afede1826816e05f.exe	91
PID 4888 wrote to memory of 4360	4888	06be3b71909925b0afede1826816e05f.exe	91
PID 4888 wrote to memory of 4360	4888	06be3b71909925b0afede1826816e05f.exe	91

C:\Users\Admin\AppData\Local\Temp\06be3b71909925b0afede1826816e05f.exe
"C:\Users\Admin\AppData\Local\Temp\06be3b71909925b0afede1826816e05f.exe"
1⤵
- Suspicious use of SetThreadContext
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
PID:4888
- C:\Users\Admin\AppData\Local\Temp\06be3b71909925b0afede1826816e05f.exe
  C:\Users\Admin\AppData\Local\Temp\06be3b71909925b0afede1826816e05f.exe
  2⤵
  PID:4360

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/4360-54-0x0000000000400000-0x0000000000409000-memory.dmp

Filesize
36KB

Download
memory/4360-56-0x0000000000400000-0x0000000000409000-memory.dmp

Filesize
36KB

Download
memory/4360-57-0x0000000000400000-0x00000000004083A0-memory.dmp

Filesize
32KB

Download
memory/4360-58-0x0000000000400000-0x0000000000409000-memory.dmp

Filesize
36KB

Download
memory/4360-61-0x0000000010000000-0x0000000010012000-memory.dmp

Filesize
72KB

Download
memory/4888-23-0x00000000033F0000-0x00000000033F1000-memory.dmp

Filesize
4KB

Download
memory/4888-48-0x0000000002560000-0x0000000002564000-memory.dmp

Filesize
16KB

Download
memory/4888-2-0x00000000024E0000-0x00000000024E1000-memory.dmp

Filesize
4KB

Download
memory/4888-3-0x00000000023C0000-0x00000000023C1000-memory.dmp

Filesize
4KB

Download
memory/4888-4-0x0000000002530000-0x0000000002531000-memory.dmp

Filesize
4KB

Download
memory/4888-5-0x0000000002500000-0x0000000002501000-memory.dmp

Filesize
4KB

Download
memory/4888-6-0x00000000023B0000-0x00000000023B1000-memory.dmp

Filesize
4KB

Download
memory/4888-7-0x0000000002540000-0x0000000002541000-memory.dmp

Filesize
4KB

Download
memory/4888-8-0x0000000003400000-0x0000000003401000-memory.dmp

Filesize
4KB

Download
memory/4888-28-0x00000000033F0000-0x00000000033F1000-memory.dmp

Filesize
4KB

Download
memory/4888-10-0x0000000003400000-0x0000000003401000-memory.dmp

Filesize
4KB

Download
memory/4888-11-0x0000000003400000-0x0000000003401000-memory.dmp

Filesize
4KB

Download
memory/4888-12-0x00000000033F0000-0x00000000033F1000-memory.dmp

Filesize
4KB

Download
memory/4888-13-0x00000000033F0000-0x00000000033F1000-memory.dmp

Filesize
4KB

Download
memory/4888-14-0x00000000033F0000-0x00000000033F1000-memory.dmp

Filesize
4KB

Download
memory/4888-15-0x00000000033F0000-0x00000000033F1000-memory.dmp

Filesize
4KB

Download
memory/4888-16-0x00000000033F0000-0x00000000033F1000-memory.dmp

Filesize
4KB

Download
memory/4888-17-0x00000000033F0000-0x00000000033F1000-memory.dmp

Filesize
4KB

Download
memory/4888-18-0x00000000033F0000-0x00000000033F1000-memory.dmp

Filesize
4KB

Download
memory/4888-19-0x00000000033F0000-0x00000000033F1000-memory.dmp

Filesize
4KB

Download
memory/4888-20-0x00000000033F0000-0x00000000033F1000-memory.dmp

Filesize
4KB

Download
memory/4888-21-0x00000000033F0000-0x00000000033F1000-memory.dmp

Filesize
4KB

Download
memory/4888-22-0x00000000033F0000-0x00000000033F1000-memory.dmp

Filesize
4KB

Download
memory/4888-0-0x0000000000400000-0x00000000004E7000-memory.dmp

Filesize
924KB

Download
memory/4888-24-0x00000000033F0000-0x00000000033F1000-memory.dmp

Filesize
4KB

Download
memory/4888-25-0x00000000033F0000-0x00000000033F1000-memory.dmp

Filesize
4KB

Download
memory/4888-1-0x0000000002290000-0x00000000022F0000-memory.dmp

Filesize
384KB

Download
memory/4888-26-0x00000000033F0000-0x00000000033F1000-memory.dmp

Filesize
4KB

Download
memory/4888-9-0x0000000003400000-0x0000000003401000-memory.dmp

Filesize
4KB

Download
memory/4888-29-0x00000000033F0000-0x00000000033F1000-memory.dmp

Filesize
4KB

Download
memory/4888-30-0x00000000033F0000-0x00000000033F1000-memory.dmp

Filesize
4KB

Download
memory/4888-31-0x00000000033F0000-0x00000000033F1000-memory.dmp

Filesize
4KB

Download
memory/4888-32-0x00000000033F0000-0x00000000033F1000-memory.dmp

Filesize
4KB

Download
memory/4888-33-0x00000000033F0000-0x00000000033F1000-memory.dmp

Filesize
4KB

Download
memory/4888-34-0x00000000033F0000-0x00000000033F1000-memory.dmp

Filesize
4KB

Download
memory/4888-35-0x00000000033F0000-0x00000000033F1000-memory.dmp

Filesize
4KB

Download
memory/4888-36-0x00000000033F0000-0x00000000033F1000-memory.dmp

Filesize
4KB

Download
memory/4888-37-0x00000000033F0000-0x00000000033F1000-memory.dmp

Filesize
4KB

Download
memory/4888-38-0x00000000033F0000-0x00000000033F1000-memory.dmp

Filesize
4KB

Download
memory/4888-39-0x00000000033F0000-0x00000000033F1000-memory.dmp

Filesize
4KB

Download
memory/4888-40-0x00000000033F0000-0x00000000033F1000-memory.dmp

Filesize
4KB

Download
memory/4888-41-0x00000000033F0000-0x00000000033F1000-memory.dmp

Filesize
4KB

Download
memory/4888-42-0x00000000033F0000-0x00000000033F1000-memory.dmp

Filesize
4KB

Download
memory/4888-43-0x00000000033F0000-0x00000000033F1000-memory.dmp

Filesize
4KB

Download
memory/4888-44-0x00000000033F0000-0x00000000033F1000-memory.dmp

Filesize
4KB

Download
memory/4888-45-0x00000000033F0000-0x00000000033F1000-memory.dmp

Filesize
4KB

Download
memory/4888-46-0x00000000023A0000-0x00000000023A1000-memory.dmp

Filesize
4KB

Download
memory/4888-47-0x0000000002560000-0x0000000002564000-memory.dmp

Filesize
16KB

Download
memory/4888-27-0x00000000033F0000-0x00000000033F1000-memory.dmp

Filesize
4KB

Download
memory/4888-49-0x0000000002560000-0x0000000002564000-memory.dmp

Filesize
16KB

Download
memory/4888-50-0x0000000002560000-0x0000000002564000-memory.dmp

Filesize
16KB

Download
memory/4888-51-0x0000000002560000-0x0000000002564000-memory.dmp

Filesize
16KB

Download
memory/4888-59-0x0000000000400000-0x00000000004E7000-memory.dmp

Filesize
924KB

Download
memory/4888-60-0x0000000002290000-0x00000000022F0000-memory.dmp

Filesize
384KB

Download

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads